From 18bfb4ad14ee88ed32b88dfd54c65432e6a62ba7 Mon Sep 17 00:00:00 2001 From: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Date: Tue, 11 Apr 2023 18:32:44 +0300 Subject: [PATCH] NAS-121334 / 23.10 / Add ElasticSearch chart to `charts` (#1078) * Add elastic-search to charts train * Add read-me * bump common * add description * quote all default string values --- .github/workflows/charts_tests.yaml | 2 +- .../ix-dev/charts/elastic-search/Chart.lock | 6 + .../ix-dev/charts/elastic-search/Chart.yaml | 25 +++ .../ix-dev/charts/elastic-search/README.md | 10 + .../charts/elastic-search/app-readme.md | 10 + .../elastic-search/charts/common-1.0.3.tgz | Bin 0 -> 54267 bytes .../elastic-search/ci/basic-values.yaml | 8 + .../elastic-search/ci/https-values.yaml | 97 ++++++++++ .../ix-dev/charts/elastic-search/item.yaml | 4 + .../charts/elastic-search/questions.yaml | 176 ++++++++++++++++++ .../charts/elastic-search/templates/NOTES.txt | 1 + .../charts/elastic-search/templates/_es.tpl | 119 ++++++++++++ .../elastic-search/templates/_helper.tpl | 7 + .../elastic-search/templates/_portal.tpl | 12 ++ .../elastic-search/templates/common.yaml | 9 + .../charts/elastic-search/upgrade_info.json | 1 + .../charts/elastic-search/upgrade_strategy | 26 +++ .../ix-dev/charts/elastic-search/values.yaml | 31 +++ 18 files changed, 543 insertions(+), 1 deletion(-) create mode 100644 library/ix-dev/charts/elastic-search/Chart.lock create mode 100644 library/ix-dev/charts/elastic-search/Chart.yaml create mode 100644 library/ix-dev/charts/elastic-search/README.md create mode 100644 library/ix-dev/charts/elastic-search/app-readme.md create mode 100644 library/ix-dev/charts/elastic-search/charts/common-1.0.3.tgz create mode 100644 library/ix-dev/charts/elastic-search/ci/basic-values.yaml create mode 100644 library/ix-dev/charts/elastic-search/ci/https-values.yaml create mode 100644 library/ix-dev/charts/elastic-search/item.yaml create mode 100644 library/ix-dev/charts/elastic-search/questions.yaml create mode 100644 library/ix-dev/charts/elastic-search/templates/NOTES.txt create mode 100644 library/ix-dev/charts/elastic-search/templates/_es.tpl create mode 100644 library/ix-dev/charts/elastic-search/templates/_helper.tpl create mode 100644 library/ix-dev/charts/elastic-search/templates/_portal.tpl create mode 100644 library/ix-dev/charts/elastic-search/templates/common.yaml create mode 100644 library/ix-dev/charts/elastic-search/upgrade_info.json create mode 100755 library/ix-dev/charts/elastic-search/upgrade_strategy create mode 100644 library/ix-dev/charts/elastic-search/values.yaml diff --git a/.github/workflows/charts_tests.yaml b/.github/workflows/charts_tests.yaml index 356fbfcdd8..6e4c4594f5 100644 --- a/.github/workflows/charts_tests.yaml +++ b/.github/workflows/charts_tests.yaml @@ -38,7 +38,7 @@ jobs: python-version: "3.10" - name: Set up chart-testing - uses: helm/chart-testing-action@afea100a513515fbd68b0e72a7bb0ae34cb62aec # tag=v2.3.1 + uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # tag=v2.4.0 - name: Run chart-testing (lint) id: lint diff --git a/library/ix-dev/charts/elastic-search/Chart.lock b/library/ix-dev/charts/elastic-search/Chart.lock new file mode 100644 index 0000000000..2378c1fe5e --- /dev/null +++ b/library/ix-dev/charts/elastic-search/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.3 +digest: sha256:1a090020cfa582aff29906320874ffe9b543fcc6c2423c281f434514f2653e02 +generated: "2023-04-05T18:36:45.107184615+03:00" diff --git a/library/ix-dev/charts/elastic-search/Chart.yaml b/library/ix-dev/charts/elastic-search/Chart.yaml new file mode 100644 index 0000000000..3494f485e0 --- /dev/null +++ b/library/ix-dev/charts/elastic-search/Chart.yaml @@ -0,0 +1,25 @@ +name: elastic-search +description: Elasticsearch is the distributed, RESTful search and analytics engine at the heart of the Elastic Stack. +annotations: + title: Elastic Search +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: '8.7.0' +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ +dependencies: + - name: common + repository: file://../../../common + version: 1.0.3 +home: https://www.elastic.co +icon: https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt280217a63b82a734/6202d3378b1f312528798412/elastic-logo.svg +sources: + - https://www.elastic.co/ + - https://github.com/truenas/charts/tree/master/charts/elastic-search + - https://www.elastic.co/guide/en/elasticsearch/reference/master/docker.html#docker-configuration-methods +keywords: + - search + - elastic diff --git a/library/ix-dev/charts/elastic-search/README.md b/library/ix-dev/charts/elastic-search/README.md new file mode 100644 index 0000000000..beec2c1bc3 --- /dev/null +++ b/library/ix-dev/charts/elastic-search/README.md @@ -0,0 +1,10 @@ +# Elastic Search + +> During the installation process, a container will be launched with **root** privileges. This is required +> in order to apply the correct permissions to the `Elastic Search` data directory. Afterward, the `Elastic Search` container +> will run as a **non**-root user (default `568`). + +If you want to apply additional configuration you can by using additional environment variables. + +See the [Elastic Search documentation](https://www.elastic.co/guide/en/elasticsearch/reference/master/docker.html#docker-configuration-methods) +for more information. diff --git a/library/ix-dev/charts/elastic-search/app-readme.md b/library/ix-dev/charts/elastic-search/app-readme.md new file mode 100644 index 0000000000..beec2c1bc3 --- /dev/null +++ b/library/ix-dev/charts/elastic-search/app-readme.md @@ -0,0 +1,10 @@ +# Elastic Search + +> During the installation process, a container will be launched with **root** privileges. This is required +> in order to apply the correct permissions to the `Elastic Search` data directory. Afterward, the `Elastic Search` container +> will run as a **non**-root user (default `568`). + +If you want to apply additional configuration you can by using additional environment variables. + +See the [Elastic Search documentation](https://www.elastic.co/guide/en/elasticsearch/reference/master/docker.html#docker-configuration-methods) +for more information. diff --git a/library/ix-dev/charts/elastic-search/charts/common-1.0.3.tgz b/library/ix-dev/charts/elastic-search/charts/common-1.0.3.tgz new file mode 100644 index 0000000000000000000000000000000000000000..7446e33b5fe2a179e4787b1352c6cc00d6e92020 GIT binary patch literal 54267 zcmV)`Kz_d;iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvFciT9!Fb>b({uFpQ&eK*uwk+?{ema@sc9zbaEIx74^WK}u z&4EeC;+P^B5|ZOd{M~;CE3t8rL@RMxJf}Mr2^0!jZ75WQcs$1G_UQ=bq<;g)$zQsE z27|%iaDSiuI~WY?e+PT}2Y=bw-{0BW+u1$bIsD6DXLtW_|1V&02e>%Tq#!W=%V6QQ z?9Sbj2c{_|kiyofJynBM@lI@Vwo|AF!%#_2Jb?ykWsD}U~+ zMW_h#I3w)$2}nfMkX8jloP+rP4_*(4aTvn{oI(N+X5*Zqhmnw z2})tH2EZgwj=_kKtT^7@zP`Thi%V zKVtt+VKPC*9T9+r{eQH(vv2SJqutg1U&`}Wu(bs?A{-XmZ=Reye)*(7j(TgC3BG^{ zB?t+;KuK{7zTB<>pc4!JW*n!laD>iqPL9DZgTY{J%@1)1ljH)1SC7#UP7=b1O_t*e z^pu`mpaPrSN^A}XHRDsU%HlD+L=?XqWw?k5&To!E5KzVjFU4QkBuUP25{Ea( z;Q8ZJ=J){g5uc6sH7zCbXRp3x3Kc>FnL}$H(B{@NewbyO$^D|2PK0V8EIKAfKcs#Vee?!I*Hq zTfTl*puDWgUOmh4B-7p@7`;xD8(RBmoS@>SAZVR0C+HGADMFY)E*}hG zQt&dF{2b|T3lxTUoSo%(7$-C6pfO4bOjwOVHCo&h zAxZe}iV4h7fhT#$kxt@qEJ;zAO^(6-U@#c7pJOy;E9Y;|Vz!n(O;BMJ-LVQD3|`Wb zul{)c`1#4l)04AvUU-YnNfkC3j$UU<5=1GyNYFW_yf5PPswgLDgbVTtk!ze^l`nI| z=z|=rljIuS&@~>Vg?uMS_tQ8p2>)`5(_wtck;7%<99J&jr4c5DnmQ(^9D{(ZV2Z~{ z62k(?VJA32x#UpnP0p9gX#$Jl6$8kq0Gtp!#*>tY9-f3D{q+`KA#HsUl#k<-!F!g& z5S^JsZO>$PDJH03L&^T49T_1Q(S7ulb>OeypC}3O7y*L8+kApvot%U7(~}oZ*ypz+ zm|lS!JmKvNg4r2l$cIO zq91?e#DGcaeF6Tr$t9zMxtPx9L*Cbz0st42OAx0D{wBy01PcTx0RS)saZyZ=-q63} z9GVS@$)H^QKR88TQlJQ+DavoIM<_=WY!ZibS+BkQpJVXu?Wr++bU7y&M*5zR@0hrw z7ZxIkNsieor>G{R7~8FUErhARf?@=7#AwoAf!ud1SImH0uIEoT<4Rf^iS3vnN+n+faqMWWN zK$rYl{Q1deg7Oq5&r^c(Aq;TR-8brDQSr!L}^QzO5CA(tsG zVCcdNVS=1l;&8p6oW8MQ+VGckwU_>OpPjucOFuh%Ct`a$s8Gg{(VT?x_IEy~~Hw6RZHw^Wv+<<}X; z#}7fD{qa=_2((uWKclc3bjmJSE%S|5y{f%2j(AP>hgJbHWy~l`2Za`;|7x$FiPz7> zYaMh!zicFNp+OA75elz@o(3Zxf)o?5F`g9UcUTCtI0RXammI=40UKE!r(_6%Gi}&U z)e77K?`h2sfP$kM2bJvc5WIg-d_v`&z?VCxXpJnw)w6_ zn{<}He6e@Y?QLnwh?HQ@1#?=O?MnuS$#z`$#yPk6G2&uByr-W(fVf~30|E*1W)l=wahApDWuR4}lN+bPy2wz9*Vaskr;|KKDFOOo!YO#q z5&3Xjf-49lU@HW{g9&(W83QPvHSje4TnnCVz`!$mY!_3d+8A=lV?1NdKW&PC zX%mcV3&~`yvT40NK{bpS3f5JX06YY|R^>o5^KhJA0(_mKycoq9l_JW?Jk}cEfr4Aun6M#1xu@2#UaewlX!FMZh;WM5bgKWY zrP(i+JiNmV7mA^*)Z)bOKv}5akJA1n;{cjnMssE|7Ns!?PT*qW&D}+=C7&0oa zt4V8++3>R*ZB4Sv97YKI8(&ajcmcz!Nk+*hh#-L%us{oGj{-lXI;L<;)x`3Bz)fne z%=cSijw1S%<8ubdC;-8>{QQx>4nUxUy#R=llfHVz)lk}^p@uR^6AxJ*_3_&-N3GOM zWdUjWW0f~@^l1|3D6*jOB69TUm>X@-KB1JvFe%o`ei^v27X*WX;2g2qyx=B?$xj7) zp|Jd^02!;VkhRB0JFzryexu&=#{p)u1+5sFaM*MO8=W#D??52~W@L&oA*Ng3>88#{nng_=g4 zN_9T9wRm4?ZBb3E1?+!AE)4H}ww z0O24&L2KJagT|b^tp1ojUUl;a$}_yrC^Uya=*<>BTc8*@ueL(xRWM0OoPg}|V_eY5 zxdB`6!1|Z7*XM7ay?Ju}@!k28H@9GG1QHy=WP}Ss)oV~B2xVaR|1r5cuqHVE@w#RC zo89+LQAz65A}GwvFuSe%mtTGnw(?(o`K1TGf;3L4C;$$D;8E**oPJ|8`oHi6rKJ4a zdP|guhhPMYf1n$OI0td@j!SWYY0I+;_EkB3`u1%bk`X7K~6b?iZu&5yn@+u`W-$-?y$&d^sY) zF$i`7&*umwh@h>E`CbLbfW2hClvE0`Ii2Ob^$JZk?gaK)JmxN03l8 zN~jiisKa^u+pW@31EY3!`7xS|GqAN4UCcN zcgt$bV_6W4G361qcHm`5>MX9p;;?lM9YX_sMW>7Ytu#u4!36?*adcow_$Q=2@mmuZ zP7Nl78H@sU7hS6WE77%SfSbfyDXx4lW>H?n5Y3{&ZqZg+tFdjBIJzR;b3B`|7}U;7 z=c*}O^Eu#wdknaHaLA4UXF6%)JNusvt6x$Bmt?x+(N9Jri~Jdfc!HR&O#MIf>|1uuVJmq8qc1>blw#t@HU#%R)RdbBV zDft|Lbr9f-f1{8*h6Dy+z5Kzss3>?0-i{EUKNx?bDyiUl>^5Zz0xfmapwX`O%Njq&ywNa-x3_C@ zJg@Zmn%o? z+8@DyQ!-Xpbg(TymVM}i8*3KyO6n`G8Oo;FF*GBcY9Q+d&*t_Qkc6Y{lIQc@uQ>jS z<9~M?zYr%7v+a-b425+FS8f(ZTA)u!+)6`vxl_ug<)#qlDixc zq?QU{x|7W{&GB1qkIrxu$XDD>tItR=!nrUfdNzwW!Am1H^3jQoj)=Z*c6M#Q3X=|* z@7q!&xln5;Q_GocKfi6LSm%u*`+Dmcjtng3q9k{RZ)TxaN9xPx8xei^IK*GatKDMO zUKi?Qx-8OyKQKBl*KE=r=|~RjgR5^Xso%|0rT<0BCvI^Suu1maQ+S4#F%eN^MZ{c3mliD~0f$D}?1H=}sq< zItWLZ1$%p82Em4=TgqB0$V`%8Jt}eSQJ$5-d>~i$i?^<_Vy54H*toFA48?dmm zRn>2$rY>DYy-(`t-KeJDP%ZVUq^;Jfc%^Hh%ho_0&&fNH|Eu)BuFn4c(n9~+J+k$` zgT28@|69t#l)R44{=UC+zxHQ--{`!r^RvFyIp0dH`vKItPS5yO`p`-rTIoZJEXkEV zw9<#bpF$t{vprS%U&_-voDc%T(HN!VF_oQTx^`yP3mfl$?Ah^ucX#&(EB$X757YHT zE)P)7HYlgN3(c@*HGSJ#BDFoQzd6!awasmkMj-rd2(QoomQ`cP9os3mwNr3c*G{hf zR`kO(?uThO?8mrNQ(skMvxxe-xPWa*QukLo?MSd&%6Ke6@09zz zCt_6bf0j?8BLi^b{f~j2|Mg&hZ*Rr_m+|mu48NV6cERT9qWQM`oGsg0wk=Dv;m)#b z$n%!{GmelJt56hRA)t8ya2-bo;2flw^jYq)1PSQuPaAGAVO%Wqp9d5BQh_4LdOA<^tZD_QJv%Sa4c4I}^?RJCz7N=31UW$FL zeyz6qYP+wtyRqGIf<&Aln8hMMUFE)817Kmk+OWNp?9q+{nd#>`q($vo7sz(l?w?D| zt9+{TKar!b6AiFI|JxrN?AZ4|27`l@{tZC0+13gP$fSu=1m!PX@DKoeaV4CQF(TXR>3y6Qtjwx2v=ZU)3gz64_wPd5vdt!)_Nt**6xA4c zWn?9e`dXP>OanZ-+`AG=S3>FC3Z-V2K9#J|-T)%sqd^0l{o3p4(VJ$VCfq+ODf(ef zoE^aiNGo1Saua?S6-I`O5iEYk1v$exF;j!c@3^e++N zF~CuDCPB<$I|4xnlZ1+Afmk?!kn*&gC?$?tI@gs$pbsRM7A859(#rg>&VWCxv4>?i z>T6|N_e!CuIv^1J=Ln?+mT>_JMC5d3INAh5oHO#k42;juHbH^q#w)-zP6;6S4ZDUD zrxBlJs?B6LCxrw=n=tzv4*^{UFpbJA(H9sefiW6A>z7%c%S(2R4Jyg$ed38+4NqKS z13pyd)#qoX_GyV}W=8Rx<%?g>giHD+|I^;id>FROp0kpD5zF2}D;~1kbsI824+9#E z#C{EWqOyG9dXnqA+sMA-_NuX$`VwIP<3bQicVPfnT%#n>_b~0Mj*h8&*9^Z$+51RG zmaa`>kMfih3Kqq?MoDLj_Fie@wf^dNcn?Fdy*ckuVpdQ?bmzH0&W#4|l?=R+DgOjAWr-}+IT3&f&u0dc1YZM!0iL2fk0S(P zW}e7U4l*2p3s}U(CP)zZsQ@FGM`}0;7M82a1Yf`;5g7yFgy1pV1Llr+i?2{Bb8h}g zqymTk3lrM*N0d$fONCLcnP<#M!%Ks&K%%?z+c{&N+dhD1dE)<6l_DBhe zFAz0Q5>qi+y=r@|*TQIwf?T}Ty6nl^w)c%`RMY=U#0<7?V0yXWF>nL@-#a?A&wr2h zk5>2pmhu?cm|x&)R1kLd@OykYqJQ(V3s@BKWy*IaJF-h}v^>VKIw_i$Vd!UfR@V2v zz7A*BBkzi`V6qHP>xrTh>}o~a){ zbk3gTC(DJBpS9X2#qt<>s7~qQLZ)x-_xsLiplsMU7E`BI91>yfOO*DPC&>zq3yHv7 z9R}lE2PiU5++;1=KZD;nADuTD@ijq$BzzXoG{b62_&-9#bobH)mYKh4eUbG*}RyvA|1EB$Efq4cdA zPYUuFq3jfAH^K^F$$c`OAL#cSb}s0u?FQ$w2s|jjR=L2apu$Z61p^|4m_Us|zt<>B zn2lFBRLz2ffY25R<{lL%2wWp@mEvo@1eFvx%<&kQ(;zL?lw-sMpwC$nhcQWR7{qhs zSqDOxf*cJ|&fFu}){EjCg(SJzq|yM(Ov2i`KqEMf@g%298>$^Z;n6jLC&a=*$%`AX zC?;c6fM8M}DKZ8<%Q;c!aB`Xh)yV+#ZO;mGfVjA7VW7K_T_eEp&^ItGF)5hjGg7FP zTBd@2k`$Q2PZ8J9LdI-|I0xfNLgFlum1D#&KWu`Sj=wS<;S@S9M3*l!?R4y?=>=c<-TR8*cBLcC)T1Y%r!=5o~o_Vg=+Ex$;XaQ1m&6y_+MO#V2XbCAw*c7W z|8cl)$NwA*cK28E-!dNMtA488vtts;0+OG$e)?kh%q{SBVZoCnOSD>;?Yy0sRhFxg z2bHXca`OB!GeZ!3&h>ml9 z1IYyFU*qTzc>mzj2g+X9&{Bru;_o!tcwJyU5~~IHL~MVbJl73|3A|)WhF{Ii(G*`% zfi*y%vp7dl(6c9%i}b8@R(r02qI3D6s2Q(7pf>x!h>nRPO7E59@+Pm_J+@M`E~?YY zIeN%ft2~&jSseZ~!Ok6L=)bWtn$0zxKh6BVl!WIM0h;_jc6at{{(o?^^8Z-M!x_A` z%KxwwpT#AB=?n>uTAFxt@NMijRp`v>df|yi7e}rGL>q1xJ@Q?2D%*i+RANMt4`**f)Os^q-2< z+aFn6#SS6>H0ghPdrthXy~CCMx0HvIckaqjfZ-$!xl8g8=im~hD2IgVBy1@FNoh5g z5n}n;pVFlRT4+~HYvU^{WyT|o{Ph_W7Pu391qr@JIrA)@q#-!m6HdnGli@J_41%q| zB_%G7!%31Xil>BOy6Q8i$8}e>-M;oMVjs#0;LwcFrKZ)MeShdJ;kXOv6-wLp)`KFj z>hnU?YD>D{L_KB_hqnoxN|Fit_Qq{I^M}fPd_|hxc0%zNkIT5EZmujjt0{nURty*tl=s1N!mP4lO@N=ae(EzX71|xff(aPog3t+2wTixlZ6%i#0$q+M zzh}eD_bTBDTNUYuaTC zEpKQW75q_}wIXdyirzkUU{H+8BSgcb$l7}evkHSEt=3>ttT!1(Y7#2!ggyj#v&uF| zXE??w%x`o9;k3d)$XZ;P1;6Q2MgRHLp6!n?zg$=aXrljn1LywN&S2&LyOhT;l+nos z?C^Cl;xBH&QgGkbjjh% zVJT&@1oZWY5i0qm=Ab76WGN^Kiv`zreEUQ{V9tCJ%tqMT>UL&z4m5wQm_!Fp6aA;( zVY<-uk7oIQVB3F=4h~lLf0yzY^j}PNhb%xq{2{o2>PyFrz;|^}PwOQn#h|O6?|w2{ zL&|+Xwp>^D22`r~$cl2`gQto9qjb9P2|xq=KinPI@qZ4FR{5Wo^BDC1NjmL@?4xx0 zLy&ydk2{k4H^KVUjueipa5~+DS85J(FQeH6tiv+KQjZh*GB)6qkHq^8OH&a8j@{Tf zmdrwPa-a6<8HdHQ1XK;^(;SbF^;qsX8Wy_yu(VhG1KqqqLl)3F%n?yPhcQYb`lm;C zVjgw~Y$PZJ8|zc>6hyM6DE~k!B;Sh^Mdp^D%NdruR*Phj-(7~D4jkM z&H^AuL%NPfaEbuCq&8&E29ERHzj2&`U=swQW&MqTUx9OSl4K*;b3);JLOHCX&lybl zjjm&F7OuCxLg)6+FdUhMuMGxOy zYTiIaED2Wep>dm`bn9`7%T;5X8O*$B;#80w$|==_;|M$`L|`_?Rn_I}jS!Ae!n~G5 zPb@#FhG`Hz9pXvqi5R4paad*K9FREUfj&__Rk@F><~?z3T-;mtNlpic-T8db{>Y0d z6?3Ed-O(h8ZN6c-ZPmn)^*c*#x{zdsV>&nsO(U!nyB^I3c_WSD8qCIfnOu0x(Zzg*0%R5 zhN3;cN?CfN=~GdmVhX$-YA#(q{PYZ249Suh&4VGYJrjB|;dU$K-sev@zX~SRD=n~i zNg!lch%zdDW3OCQvc?qb*KoguJ=hGHMm0Zgk4uAbYdefiF}l?+tENIztk~ftTh!8g zXy?Cq<<&ZWK;M)W^8bstSS$fplmEy5(V-*%A04ga|7ARm{Qsge-w&~LeiZqi_vLO5 z15xTb3S?8U*nV z=b%yzkU_#L&mw7Y_Oa?r@?MhmR!JnX z+1+`8$hGrBaDcKiow9)KpTWr##}P>51Y|f)3CitAenucXoiHk#Oq)YRp7gQ@R@i7K z+`}}EVt5L(!WY>#N1PrP{a1fHfBgL9YytAts*s#tB?KLfQwqNnH2ay-dc z5*}Dk7R1BA>q)X?d(YeRF=_&1Ks+ThK*7**DM>Z|22DCWz*nRj9Kj# zP5OU4hL=dj@SM{K(4hbC?e049KaO@+{vS(uoIr_e!nHsS-IxN5W%NVX1FRl(?H9tp zzviCoN?kAY8W9Ef_#p^bNgV+v3zUJXNn{nIhxTQ@IyJi@wLl5YXhU`7p)c&cQ|pT_ zjAa{TQ)(6u3iF6o1|V*<94JitIm&Pm6Rc(6ncbtJ#7BeoXikg>yzB-Q0xxI7VZ*tc zsv|YK0mZ^aY)lT^HUX4tL&c9V8lPnZvq_Si;Uo@ks*Gi7p$28y00hs6uP`~wQGrrY z6JTdOqZMMLn`+Fe!AWurZwjhJpef1&OCK`rErL0f-U#C>oo!?}Iwv>_K#<{roD-N6gITQeTz6#!^cjT#2u6ft;-A8(;E06fOzVt9 zD8>|>P5w`rYP4^e{~d-!i;J$zck@-@^a%V)!L;B`I!_WUvwvG$Zk6&u*~>m1RX^s9 z0+x=VZ|UkPY(R!R}z+_W#-2S;c=@%45iXY_dCy{>9+^5W=76$=!H= zid@Vhp|to_N?z{CxyaV9TQM>msf^~%oqBl$q$SoC38?%1zU9+7v@kGIRV#ME;gJ!_ z88qn48|{bZ$w{wq$?cz6u9FN${P0tB$;d{n$riPsb%B?TkIH}T-cm5eui`e6M}$Lm zzRf4S#2`#dC;!DrCs8ngEl1vl>?m*=O+JCTd?M=aH?XX zwXQaof89Dm+OT*{)FnFJMC+{=a0Se|6>O|x)y3+yY^~?&R`fMdRIKEhv8@Pn;aMP+ zYrEz8=53=iuUzF-E8V-yyX{lzrrh`3|5J;jVg?02p_AobfG)0{y{ihHQ8;wpIJ3{b zXg*Y00oJ$+)fY_CY{)lUR*{Ebg9Y|6-*ef4Pyl4$7(0DAxx4B7+yW*-xcqaIQ1Gr7Ab{KwPp6mJC>^KL(x(Ha9L;jlA7{^ zdt>Bz0dq1~DcO>MP>#nW%TR7d>)=KpZ2(8OASE#QivjC{$|uMjDUY826XgZ?4Hj|OT^bmvKG~~i9w%x>D`ryK z+*Vs_XboDP@~cZ@62m0^k97ApoO?&Gkg~g_lgZCdgm`L;z6|&?4Di&@TTyCW4iS=g z%BAp9Sg{<6sVJYJu&?>_Y2rSYb__{JO3jXHs5`&eg0ja`k&;uLm&UE)Y(%e%RClp{Q?&9&*S?C-Dce=g-Q z?7wGhvb$pW6xNSn{1sj4`q-breZ?|jm#T3RPf?1BA^-tpQL*@&C6k_HrW*hQ@YeDL zFtlo^YG3AA7>JYCp3hCru*0xbP*1gehv2+oT@pGoD6~ERTc)7F4#urKM-nk#x}!En z;)0Y3_fR8hssXV^Yc=hk68lZ@wt#F_idM z0t2RP?76%@#9E-BW?vAZ+44t?(?_{@Z*Lj%u-rdLt zue#)#`DX0_3A1w?UVY0xa2ByhCpd&}h5wShiWb1%LkrppRBz)k!V~YIdM%o2qXq`0 zufVl|4O;4!EkFW^WQT%eO~3D{JX!XrE3wj+Dp{HGmo9k{IYSjG3aXf-tY%9K{>UFi zhC-m?Nxhz;{5p>b;(S#e84_c$D9);0^9!IaQGSU^2<2yAdlgp?SPqm@PL8?h?lDT> z%{dBj8c}hXa@R?Y-i~rqjBpZB(R&hxs3`PTqWQ8~hVmFk^0z1Kh7@@j5{BnSIvHPZ zlO3CgvS)hw0-wO3uEcN%J=w8gf+0EF4`>%j;3Rr!FDgF*zm~!>1iTsNf(S)Zq0m}} zwhq_C8g+FbTkk1{Lf%Q21J<|asRwoz>ADS04#WYW8ZQxODu#enWIk=RFL9$4S+D49E)Jh5}N$n53>pPQW>K$&TlHq@y|d%v(kzs z@i-=oKk>hg*G%(|T~aj5W!f`X6mfb92AkkIP7)@ciIogF8jmt0cnZKDBw4eF7u62TVvFVl z()?wIO8IsCD@x2gPR3;?lm~Y7%5weSgVh3zIbxP)2mp@7xoODQBu<21EKiuA2GK;K zBH@|i?jRjNxL-6+#8Kta-_uOZUPo!Ihh9(9qNNwT|Bc5jdQ<#WIxgU7+v8-STQr#~ zh2QtT-ch=?3zY{bh2Op3*q&zmE&WTyE^DLtvn6NI25V_kkaQ*MEqeDrnLNYX>tCKfs!j5}Gr>S}fJV6XwxZ85xD7@lO0ZMs~U@(Rx z903S2NC?V1a{rr06r6#5s#>C?>JQ&DbF#;&-)+#4)jhH@9jUW-$ABGd9dB>v=n{S2 z8L;NI^Xz5Bd_crKT`sdg2-+SwUTb;{>6oOW58U<{Vd*o z8E^k1R%K&a*hD!_!Nm>TLZZxIcb^t|@;SpP6=KEfy?u1pGu*9YC60;UsC@>%;69w1qLvRK)|(!0B{e;A-G218m5E`mD~-GjL_H-NlH%) zOOf5|*6rX1i+0EAk=sBEUQp*c zW6!*r-=5zBaH_8wdmJ3^7hOYEHMhL^-5Y1YLWD^SE*7Vi1Lb1GL6ql8X>tQZKyl8! zq;ze1WP8K{CNsXFwDcvbC~>01RUo2e2{GF5`SX0WIbpEZiJc&ka<(B(5`0aY9pZcp zN#PI9#m-)M1PY!nP|{z4y@j(!2&%i)MilkWetWwHDH}e^ z<7u3rOZ21&VZu~G2Simtc1kW^M^3f!6Faa+VTi}sS&oNs!h9(y8+R(1#kgy#e!9T} zW7HN8Uf>WWBV3SxS54$^*?2>v8UGj9{tY3_;6#bV8AFk zwnhBLN&sxt9AGGmifRD7|KN#_UyoswmUta!hS4vaQN%&wlAv z_@08c6kA3OD3{W;T#ml-d7N5G_?-3=DOJcpWs*Y|Bj-42im~g?N3&*3n|ZD_Cpu%=3d!4koN1^ zOT1u2*#wmsZGsh3?Zrc{%q}#O{UV7&6mWQ5kSIey*60=OkKedirhT9&v^yAJz4spj z*rBodbJ_f90|niVtvkrutM6jp;Q}+A5Af_;-K2bT4g;DJcFn#IbTDd|nDfjBE<>T1 zj8G2VE95spiR1^Cu!CUmelW|X)>-!|{{(xQ?7sx%<2ao+@)LiW;y>-|9N7Nf`$sGP z@1;Cu{;zVfyD=ST0DlN$fzh9i%>(QD=u7_z5R6e#z)N%n$tVCpP`;4qiA*m6M=92! zZrR?&eGR(p1y<%o(m|N`Y?znc8~C%?WSNS|xVq0@A3yZNc8Z$$mZP%hD`Dk4`a-zRoJkmpPU)BdwBmeA`W$STnMx6|?2zoI1D_ z>-=$^CjLLg$z+UP;z>Gx8i1zwPltOB|35rj#eZDNWAJ}%vOCNIph5j1gaD&IT?+wI zobb)&yBJ|#Vb4%r#05cVh`hdnm6y)t{eiN+jAK;3DeqqRA_QpG1I2$Tju2#UX4f6d z=&_OM)XUOT$siSxEKK~{)a2=v^{e$Yg~#+CA?dh7(^sFh2-JZiW_TeNlZ$G&;^XX4 zg0WhLK!Z^o*J2CRmM7t1lDz+OchjW0(bY<8Do#-teF>6$S&Vz8-SpJtc^)mJq@*N*OH2ppF1o5|x;l@bM-dF9Y+U@lW9h(V%PkiIXTpab6$u{hfs9K+*d3Myy)nCB` z$p{j0ZhV0lt)1660*dlziN#5qZRkv{O-JZ{E))$hRE+lEqmSE_(ea>iCZ858rbi>kp$WNMJ z>TVtTv!>+7>q7d&p zD)s{r$e1v;c1`@lS@w8_}A-TrAQ7O#m{ExqL1tP)YF zo4`T)t23!to_Xp2WuA3M{}1+T`hPfB<^Nd9W6*y(sdqyE>%yD=Kukanp?>#Fpo$9^ znL+1d0Tc$O|FlmH^xts6mbpxQ2$h`6$x-Sc&EN2}3jFVNcLW9Zp*T{Olc{8xnMiB7 z;sg!Py!2nBTxi7t8tDJt;K;uJy}x^SxT62dcntb4CiPBOKy{9eABX{{PJUxWpj#F| zd({;SkYykl(K5ldF;+!5LOgMS$PaU8T%*oqGSltDCAt+Ue*C`pJ`-A-TlKqZggz`e*Rlaa;dW$Tp>NcQd&r@d&GCYy%Ioi1Kc!WVUivklP zXz^^RdtJ5bv(^~C! zsyUr{uj4Bpk7it|HDX&C)DW|K(SW_irVK!J*{3~7#2Fkf(l)I>N0Y9SJx99?NL}MB z2(0d+6^&Rj@Pa@RhxGwZya;oE3oN-3?b+@^igvwN)vr31LBjI&=KX(ucB+wswD1&p zgC~TxyOE-b5wXXz{bb7Y0$yAmF}#1(v3LZoM<_LhFy>bh-t%G~>X#w<)X)XnFV9}L z6{F_yG;6<%t9tM2s@=^BA2~NFm^O$Ow%oAOcZ@Zn_x%VJ#J)Q{cV9JNk9c|%eRkXD zL}8d+LV~WL&slj!tOTH$Fq+wwc_nv$w~tr;kH_#5olTPD9ECX|+aJRmL4r8XpZyMS zgZ#g{@A&`i><#u;^8Yd(F4r^iJBC?DV!yS1`sMOz68gDKD6stb=P>uI0j4AHDok4t zMQz;LC;@f-nbn9>WeCzzyTk>_Z+KJ2rC1q)@?=6rlp|go?xQrs5#qOE2xXeIi`OHZ zAW(1sW;s22C!FvzxY95D_(37BT4)TEj$VIKP<}E-+RXS1X0Rx(aUN*}zX}Yz{j{$A zdRcf>j-g#!#YvF}%Ah13gae72EaT#8-F-5j0F7as$ja=84xNr?z=yTYFjii8v8I{< z&~l}UuR&R`r!Rvw0N&C)S&Z-`i9n8uNkS+aFYp+VQJh|aB)&pyQ^uPry(BXcW>_^HU zw`;dz?}}}~t=Mb_SR)Gyz~YryDU|dgf7X~L?fCy9*1zWSpTk2t{>RS#&dUC`lxHdY ze*vT48UP8rK#9oh#{aJ5c0_hb>B#sW&Nwk1Ros=ImI`ftiqB3GdLED4rbh{>pvk0QNu$zsGzU=)dFsFpo6Y z`1U<2_*EH3-Ad3L<2wBXCLR)guir0ifbh}|j-7-G$j+kh%0AdzyI9I5p zkrTPF9$h_=?&z^SpyuP4yw0U$xtg8OS1&B4cc*x(QLR$MMJ&#ZFbJ(^!%k2Bv4N zE!XWuUp<~h$v;#MmN%Hb~`$XxDD(%H+i+}zdnsC7acJ_px`XOA!Yxyg@$VZ;Yo zw}2BYnHUIRlJLc-v26W_jBYt?@NRF{uKrdqK9|P*Fb#)Pk4X`^#`#sjbPdg8&#Y)7 zztSVVpQl0ockEtwaQ-*g+jr0Zc6V0t|1uu){?`ZrKH~<_m_gk2*h%%%rDk1#-^22X z{Lrwz3J%U2>}%h8E1$y|o>u#RK@)J}{@=Cz{|0-ztMmV*JXQN&9JJ58^>rIyCG_9zPw@Cbg#q1kaNPv!Q~S(84=!*;zw?n? zzXG?nDhAm4v~1jp`8CsZP90CTkKY-xD`rvqG|+#Ue`z5hu!;Wf?%MIc2S=;;-^+Qt z@*fL|g;SM%s~bjOuBEzY{~3--zYgWnA^w&w9YIn0f0Vu%eI6wyMc@WcB#jp*lhTBA zjq|Gn!ua386{12^=I!)GoN*Y!k&a=9lWR_Pq`ywT(QG`do zGJ$<5qh+~Xi7J+4JD)?*rWU-@1sSIWfoUj0RLb*rpHt$BN`Hf=f&MRc@lQNW^#9<% zj{iLv9IgESmhy=FlzhHBy8fq#X8U`8o-mKITm%f|1;(~l0F4U%%YRytS(Jvk?)xLmz9VP~0qyEaCP_F83?O7?|c#Sp}^(4x^3wu_()$y71O8Q(i^h;OmX6T$&ZP6b3 zFt}&RhnN0mINJUQCj_$`cj8LINf^>!Z}AnHkr_16|HD1o|9kh~=wLK($>r~znVvWP&>nY0fI1<^kGaUU? zwCkIdNjyX0+?|>cRE^7X3HDo^YgE(!GP3nz*8fKOe>m8&&;JgOc31YFr91}xKQ&X% z&rj^bGX3*CrR-V{x+dc+Ldffje={nc<1q_6w9zJ#KC3D3lFXAXQx{U#3ChPZy5-EM zXqD$f#7YCL(bO`H3F|NWZpA25W7yA8hKrcs{6>38;H3uOY?35rIEh1%DOwfF)CXRg zkQ)aXLTVpKA%f}hd^049Q>Qq4>#v~BOj?ca;yF=!yjdqBYhO>6>N@AoiYUx4 zYi+shu%uAtK~Z1C{V^&EI^QZMkoNIq`Atv8JquWUrMQ601y&Eb)u5_`D~pe;0(ECA zAj3K7U_yR35q8cK*bB$Jx3Ovcfg^=jUEd2sh ztAXOA6@`;LCO4;?^B>PJbXL`lQc9ONQh|sC|CGKGL!5(xV3t`6rPH4ZP+$=As52K- zT0!9zideB|lA!|pysh)#G8m+83q|Sl@gzfmH!xPoDtPe)3Q{oh|$K zF#e39C+W1SxiTVowHvB$*z}9I=xmkR>uQo#udJ0H-Rk*EJN^GWgVzh00UGrG-J=8N z{?G2wO8;NVBjbPasb0v@!%&;WqPhS2zv@WGW`K5rAdA58hkJ}V3#V{{f2bB-@sy_O zH#gI|Y1_DwGc1>h6)w|;&_^k}NRXW_qAbQjbdDzld5lnYinALBgcB+w70xm3TvLXV zB(dC690x=eTh$qDCo}+WS&x&x#cU8fy0|fxz-q)3RX`K@%Fze}s;L>8pt`)~`($Cz zrnVJ4#~Zn%C7d%pXhECEAyqKm@|=RY)kRN_Bx5@=xjQP)Ht06Bo0DAlq&TI z6V*tBFbOA=#6?ffpXGRx`40@7V)mMv+bHVa#j1u!+#9rTer+M(RrCL7?)!fB)4=}^ z_6OGeznz1FRs6^0Jcj-M@vCzn%v>;yL|E`eMS`dzg4cbJ0-|&dSI;K%hmF!gOu2F3DUd83_bYDz)PfdE$N(++Rs*{A zIj@_#Ur_3Wd*z2YcXytA&UoB0*1n#HLZP%F65O(%X8s#3+Rq3VG+(SzoMBQ*g&63>;jTcP|)jH zwZwV8s#E^upX#7uMCuYJvdXcMJJH;#)j)&C{OBhD!7H4i`Yelbwq<+usTEZeeYv=2 z%%WJfA{wrA&D;JN{F5#yfuD$+M=+pWVo`yw&`rVa3gqb1B+kv$LL%LusLjWrl!L!i z1?y*$JIbdhF9Hx02f=e;<#0^fPyIb(TAz(#^n z(C>l0_9Fzyj;mY=1KGpgk7cGQ8+lx58np+)gy#H}{Xxo1ecK25L-!dLU|8u8&QRUBt zcyDznXn+|K2%!(h5?I@=#Iu`{X#)^q;C#CrJzo zw5T1h>HKeSxaY?ISkeEbJO=%zN-Pj_z9{9_me0K<`9>c)zs(`W*@@BLy^T-nhjpz% zyu4Fe+#;bfE+OUww3NfB3)ZL)ZLYJA_%Tf~WP$(uX8Uwd$OH0<|1Ht`)-d^=i~L3FFVn z=IZG`6&on=UyK1X(f{3nqyOz4tn|O7JRbV5^71T3{JBfpJ*ND;19w68r7L3)v~oO9 zRUFzUJQFQxzLM6(L#h$mM5{lyZB$b zzW85ztN6c5c?|mhoK88Qa}M~VgBL1E-2BYIT1fYnCpi7+nl;4Z%MyHD^3IgI?Thlh z?41^_mTS}`No1(W4a=*&?sj3Vdwq|i)pLwx5>4-&fXXDIB%dJLcUuQmoj%k*m{v|e z^J6(8hO@rRu^IbPi9#oV;ukHCX6fUW#32g&c$@h^OO2>LrD!Wq3lDWo_#45}b8VWY*c$rt+ zNtCa-8m)e=Td5fo=Q|k^x{9&{!~|TR5RVa+26!`@j4MKLfpKE9IO!HGTj2ifE_c%q zqC(J?%O`89l%`~t)m5@S%6IkA@wiw!qfS>yg`aisT%SrS7qUDArS%^Lbxawk`xP9J z457}Z$%jtERnJncGC}gi-sCf0*(ctU**x(@izXsf?&Muxpfx1^g@t}=EZxhftGlmr z-hI`H&KoqwQ^apwurv)3=9DJOk{f_iK&dAPEf(I?z7}Rmi!{@Kvj|S)RM`F*yp>tR z5!)OE;Dvcv&SfKjrYL2kP!OCJn2Lx<6yYgKQBisn2_ONdd(M)tgOwu~#a#iTLL`}F zwV>|BWoCoZiDdm)<@DDU*aZ|xLfCq>5u?(gCC{)+Iu?_!CxBY_YU^=ADD^+9Y5fwl zj|o;9%I#DY&x_|=`Z2)RGEZe!mF(nPV!FFa;|uop9hdRu?5`~$eoy_KW!7S1`D5LA z2fi#ZgnYIBPw9k7knZUI$Kk=AbN}OTW&dB!W7z-Ca0KL>12O4~8Uvam^4$+RfYXnT zO#m_;jb+HUnx&{1#E2_gbmIJKRt=m-l{cVgcR*S%P$(D7F}KH-ib=~Zb>wbrfj5sn zG&DJuFHwGpXp7f*OpsBa&L#To>&LH;!ATT>Vv=PE8l#lJ1YA-%s$k7UXc~v802>FJ zU}vxicIkinJ+SdQO>V&T2&Jk>TmV=U@ntFmDlQKGRA}N>kHO@vzN4c4TT~EM5?)Zn zAcO^??ea`DqO+ITvk$#*__xo}7v7-3^1nj;;pq=k~J{~rC~EH%qUoG7?P+{%Y5Dmy_XKB z(tV}OVXz%v{9MTi{F-nD`i-4DWi#vvD$}yVdj0Co`(uxsB-ik!2te>UeSxL!SFvTkTF(D-(zrXTFbP`BM_(HSJ9AW!S|gs z$fo#JtJ&IOb($IzV_X+@!ipSWMVR22RTZw8FEP;WBz^y9{`ym`|L2G?4!%JaasY4g z|2rDk`G1ZM2dn&_OL+|a{|%pV83S-Z&EHr+_g3$>deQa4zZMKoa`{FzTqKt%f?4hW z8~w2S0cEJPc7Ei#imsnuaMD_AQmQWxd)g@M-C^dJo?f9T$^%1+dJ5xYlHW;iHnTU5 zY}843HjjhGW0WQMhRP3ir&#bjy1Zro6?CtoA@LoF&)VVlysZx`?}ew^ZiBP;_`mQ) z0D{vTr}Qshr_rb7c3Q2gO~BS%r`^xW?a`%#QN#ZyDT&AEG=W9&O56jRuZ;%&zqh-) z@5KM#S@Hj+JSP9=Qx4dicXAQTUPSj-3~)NqwIm=~ud>{{df%WP5_ zBVWQR1d2(HKul<_0OX_G@As9_-vVG}PH(s_U|^Zy$oAc2oVVI)Z#9iRRb5^Xpbaal zTsGdL0~@-w4%$sm>dcLE$-#dN;CpY4a+9Usg5z{omZjoKiaobXF5@XmH^uP~rC!c~ z!(EMy-BW8|+;=|vPwf$g!uI}IO@5rGTK+4HOxBA?fKBq>-i{;x9jx*{FXu7jKM}JK zh&k^>0(6(ry_ErdUFlj1ETFuZDJ49k4gUF*&Cc;dkp#wjIn+efd%SO!FoZ2S!LPbV zxMUv%Sa?;Pi>vnC8>;2Ebv@*Ohfhl>&T6ugd#D!7#_OnJULR`cSCrwC`w+k=+A-g4 z-PPsPn$FC5M|B2>?FMLuA*zwvzWvqJuGT?C7u)!aToM!9P8*9CBw&mSTKL=~8=SD} z{!5Sz()$O+hd%gi!b97GYm}Fzs_tFrXw})m#2~KZ#>Jm%`A^Gn{w#+fIzxHPT!L{L z%@z^3LH^r0Jh0+F?d~3}?*A_5G339u<&*<9=YUT-5VO9hELgjw?yXqZ(5tQ`#LKdc zwzk6gBL~;^%@i4RyzVrf@SWf!5_FL)sftgi?h$K1dv(pRd#d`Y7RQ%*@ujf08v2hD zltZx$?lS)C{?VbG|M6&VcV|Wam+_eNznt=gNqq_G{t|Y*4_%XS4frxb!0XMKn!fg- zCD|_V$#7JSjE{6Lh=nq8_yLu4oS#5hKG!&-buho}N2&8hU%mPYgt-L-LC;FRr~t@x zb-XV9)v6lzF)Ss^m;gBxrvaWd1sxrZeITli2D4eQTz~ve zHg`^fHtx&n4RfLO>k8dGVhtK^g`X?WIOrb+nS798_QCIR+tevOkv+K@Tg{5653^v) znsmIu#SqqaLM(j4jSD~djKT>)EVJf$I6~1Rp+C-YG(@@f%2}oC5{TG28|IP~Z)JP_ znQd6FyzY#S@UlVqSIec!u$LlfoU)LtfxgvyJ*$hX^y{HfrVQ&t0uT%n49Ves(3`9G z4q1@{0YN$$U!dGs06HRer&&lfxt6%=zFNduQO;o~1!ga=kZ|)?Z~W(xyqcJE_MZRE zE9>v;>T5X*OKNr96iG{|BG)MP+}na_+6%uki0!<~I-MGL#o_K~Nf^>MOWfA;&q%0no3A z;iZ@K#Eo*`^c(=?H9H-Y5s9fje3Ma)u$V_1`b+KxTS~R|I1FKuT)^;3B-b_u#uqxK zW`SyrdIFj^-89vzyThcsm+YJ#`q`5Zk4Qd2n{plU73Vu=G{&g$kWsd;-6pO%;^b$A z1tOau9HH=vHdy0_Wt??Y;bnP+wL31{U~#Q#VD|h+hMw-WI{fpGf_(ybk|gfHc>J%v zRE6bhaV9upPa6A1v8zA&i|M482aBSo9dS^6PjQ*ieN2e{e~K$z-}g` zQ145}+M#ri)Fej!r*joXL{89ELvI9yvic*IWLDw+2yhjw`W#woSw>v;zvvmG<=C8PhK#pKQRlo z)?*=FvkIn7Sh*?qOY1gX*TP$|rhe4`NbBx<-jHkKmgdc>_N#}$IX2XLX-t(ID|cz? zRa)H;Vp_I{H^&4DF{6TH98K%rqo^6`NHEC4J}dVeBepL47{t*oY5WADZpn&Wy$cjg`5Y z{Wx|m$@P7TGz%khg?!p`TXM*nV~22V(0$+aCfRBR$!OtbDUgbG#j7oKioxzTUTN1B zfvQEplw}xZZXy3%_~qPY`Hu_iiyQ+q$bY*B`?mf6=xDIY|GAXMkpK8pgAHkK=yfXx zR;qsYO$d}7>Dnhqj=Ris5d@~-q*GF(tic?OFD{2PKDT0#wpc15%q5h{%3LJnBUvqv zT3zx9qw1S|??`u18NuQ#N5l9t2)2U~o`;E7GVc;`f&q_{#Mm38y!#sF5hxN^jKKTt z53RaZ8ObHinN|Acb$!Q_sEI=vbW;@OL+|bFQ>X&wqIkTzHf}b>`K?He~hAdGIp5$dJ+G}6$Ko% zO4K&Q0P(IxxReT@tZ4%zdoxq~6~<)*CL1YIe+Mton6k4u7|MGN;)BIX{uTTy*aRG` z#Z(wOmQyDgvcRMV=H(}%hd5WA;^V{J%0z3&hR22|Cwk0(@n*~~6)t2Nd;sX*FXC}5 zeAo0(o-+;+wNyh4d|4fUtezJ9U&=Xm$NvxZ?fkEU-M!WM&r%+P|0_|rQ~qD$y>Q?7 zf7z9l>c6P!uj$i2p7P(^xt03AQvbh$r}%Gn=;OCR2t0e zHEgaEO-z#=YLPsw15vzOMofs~!3gx8wG+_W@6eTiz7o)X+^1Ro=T|xI(En%e=!??0cD|87)?c`L+gWErYGnf~s00LzI#Rk}9tb@gbC@7(z)i_00ffZnSBM=&cX8F=P zFkRc0P57R0lilWyC{tK;mN}v>g~OUdx|?%Mn3#4e`I$*691#R)(K=v~SQNG{<%Gsh zJr&)~Sp`fhr2SQosjp)xb4=LfXHPPrizp_rh71!top;;n3-{i~Oq~ca1O)CJ1OVqC zuwVye_AV`rghf~wHBvOz9n7{XdX|VYU5-!1h_yE7+wHk(FQc@Yqy-5`5M*|3WGzlB zB}E^c@bRZ5CqNvq3de1k>K8v(}m6xA&n&cNXN+uE>ORx(|-6tQl+CAM|-o8P!o2dUveg+N>3mGzNoL>4Sy4xPw zOJVlj)ks`^F`@Y#3E9Zer%9ZnsF_VEIzRzD3IO}JS3!c5S~G7W6aa06n^F9YNDjA9LlOvW zO#WTf;E(G!QbYgC=*V}Q|7quFcgObs*xg;-|6a<&=|9~wXTn(Yhnn_olzxLuIF zjSC>n(}r(pJmg@!`G-w>D#CZ4q>*Z(A`Z1o6EcFuKiEkkEgp!%K@V)K>*MMKTi*T| zJf(tb%vf5En3*@p5sYpCRBhUp%CdjjkXN0Y3i|vyO>US)jsXi{N?EnUv&jzYPOxvp zW-~@IF^Dk{)3&I0dXtaujXlAJ%Vs%^JY!IarO(S%49AJyq=e3fW;`i~XKY%C_N^W- z{pWrHopFFh`G0@UrvHb7mHfYyhb?^R_ty#K7yhE2+zOTQK3%t(AioAc0xwWfaFL$> zE#-azo=SmfiV06b#0zRK+|rR!5twdZeQ&{#JpJmxR2Ru2CRq?OQhkZ0&Ppep?d1s^ zkBx3MTIb8;w$9sBiJj809^SihI?C#~1i_*{f+00o76k7QzwIdTK`Mi9bWG!NZWH*4ifG0{&1|cf}33-z< zB=wsr6?_hy6g3QAhKYtaduL(I^Yol~N^4)NIw_8juZDW>_`dL5vaEeq&vL!5X+hVQ zh4)D$aOFSTe63aP6tZ%h67hEhl3KUhpjsC9AgsX>&eqx+%fY$^bps6RfHgOsZm79v z(+OGF(**@bbU^)XkG=+iA@5%%(%D&GuiEagR)YNEjiF|1)5-x#RWnJ5$E!zcfYX(B z4m*}Jd8!=3X|MP@w)Xft(S~?0Tl@+pS%yTC&T^tfs>*WWwbW1orkj|H7Ti?j2(H|M zEXS=W6oTNDn5e+(SH=WMV=jGGijpJx1aMiM-LH|&spA9vo=uYpV;rZiG_u4Nnni?p z&hNfn(&sLh=-txc`rPAeS=s5V)zmor#@)+`eR|X(1MlWUoYO4YOU@HNV4)gad zZ96W?-MeYo7y7I$l+AbgDwATiqv>Y#c`o%;AmFj-tQXVptra=pG?^3x<IU42Tton*@S~foD!g+k$F$wgBEna#o7u$mr4l%gus0uNYbOhK zOV$|j22IPf8JN?-$Ts&aO3oO(4CQx8*M1mM!v-r(=O#Jd+M=;~W_fDuf8t*%pYznv z+aE)&!+(rtNC)0<{y#Vx*zrI1_ID3g_P=F3*7<)ZO*CD|1Yv3KS+XC1X#!;a0JG>m z8sc480c)aNmE(PTyQY2|doFt25z(D>|D(?Y_pSAZ3YTW+^yY~J+*jf4iFXgfJ zzc#&HPyh|weWL*e>K&g2IAlN{c3ohTk^qSQ zK=1;GFbR65`f8sh$c7Xs`+%bPxWL<)8N-g3tqX+Q(D}EwYu=WmGgCQ)e{wx`R{9@j zPvJODnn=F!G|>OugM)!B{|$Cm@qd=`SoB{`ZxVci z9a%3+76gV@I#oZ9)5`>%)7JqA&T=$F`Qr&pV9;q2(F8UXanA3Wc^Z%n^&U>&7P$dYK=T>1)#>yQ3rNkDBz#_nU($*s3>Bb zo(zX^8k2TvU<3W%8#wfTe|7%1q{pKF=X`pBoZl|!zO`iT8@YGTziX|~YS1LtP`+(2 z_K9+~xi3a35&rinYSQ~uTN@rsb$Y9@9zo#W@!t$yu2%Zdak}! z`a3z0`2AgPtGX5~OOy`iQgszydU7oe6AZ~ARSn~m1U=jNT!FUZ{=8b`JNkG(frjvGfCMCUr60+Vt_r92X~OMUXpI7Vf=s?_a8VaZj~?Qu9E z5~)OsNw5e|a&}dnySbZ3n0dMXNlsuRK@i+>v+PP-*h&%vK73fd1>dsa-@f(ImjAno zkxw)8FTOLDr~f}F<$pTbKRVv02N8|}6ftmE*5|i$ELn;; zqEM8>vky8zu-I-`tnY;`<=kCwn1rvmbfo_}PDiJ35KZ*|=+KJ)d3boXvHx68vFLvm z!ey!CU$2_4lKSVsFPHdhRBveihW3B8w7+fF%QOGn@E}Vqb@X2)D_l4XRHOWVX5arD z9G-3N|JPCq^j{~?T#1XgmAiD2;1o4YebE>dM#AKpM9EISZk-6WMdS)s5@bVX-_6t8 z=(k%S3q2xNJPT`n=JW!$L0r@!Jez}ZoD1E>*W(wiL0+MMc#f~ykQ5qs8$a={vAF3! zBMH1+Q~byMgHzl8`{3;CbR++-rO5nuD501#6fG?VWSqD7#o|C3Fm#CpSq1u%%|4zm zD+-*5Dfa>=ebAo}$}Sd_AnKZNZliVg7+SuxyO z`KH`l5G~>*)){cH&e0OPM#?OuH|Y>2vvQ#BsDym=E-g^zqacRP^Z$V)cOikn-X}jH z(Z9&eRgC=kDL|9_cUIE>?jN3P?EltMp+8~HTFqYJDP|JFD4pJ* zgbzv90%IIuIza*W7rCJ_Z!Lp3DmHzzx`H>P-E9HKUDasxNHkitpzRjj^^E2s9P$SLMQ*OMgAo84BR{{fXmLs|azf_% z@8gB^-wpIXKygTBXo?~>KM&AE|BsJOZ2j-SCjS3=ipt)^XPHm(@>qZ%Yx4_m0SSsj z>_ci3LjBwmb?!06B&s8vBn$*?$3DD5%%GS2FUaXTNQg{#B}rxi8M>XRJd-(A^$Y%4 zN|9_wunYiw##9i?m;_Ybw?^oJOIOtELbYssFN<(xe!Xf0R#f`zxj_})aX}R_B%Jg%DTnyparGTTN;w6Ur*~-;prH(e3*<;Daj4vWfZ5 z5Hy8z9v4;1NiD5!`cwG%eFX0z4&hBGl3lj?<|<8YQGa_|4y5pYSXAG420>eu7ax}= z!ED4UR<2Iu(+w;+N&_JApcxcVZJumGk3uS6UumHK3(NlhsfGXF*|DAf^X%wsWBCU;Ug#Z-u=QYI;ilBZJkpT;3FGE4`E z;sgaw(K?*v!nL5~TKc6El7<1eK_E#ZLE#<3d<+v9hA6~zD!ZD(&v=?n9bLK_=Pg4f z1nFCRk0K!@JGy~B!}q8p0r3gLV~!)F^#6BI)JDQ`)HX6HiEH5cI71hNdA zDV&KwCZZdSa8Z9o8JYq)5xfnQOmW0ddCdM_c|D)sAQFnj_c&tc7A2m%C}&C~u#@W* zD2UKKO7hkM5Tp`D=^rK32P{+rJs&fa{GcXj2(GVRxn6*fFCvMG5RZ{iQ;;!$VxNfN zP9V)E8+}H8D)2Qxm`zXup38NE07=9}Hww1J7{rPjV-yA)bc)zc6>tFZUjhW)sp^aF z04z-eLVSxkl~r+LQbwkbVIT5U7$Dwv;DKKzd?BbNFkkV&Emq8YX|UucQr%RUo5C?`eQ3P1Ws=Gx#A>2yHyh0z?pxNi=J(Fynb)s4w}1Oh2Wpy^g>B&fViGKz z{=JF+J2~1vwe!E9oE>cVzjYLO|4)MD@qaN19K2r*)3>C2?~*p86a`Yf5(SEYUXq~G zaVZ9{BwPQYLEIaiV!6g}f&^aqqq&%Aer#~+%Nw~WGyx;Oib1x1gWjR+14|wn(FA~(iYHY z&YhBhmnDREuoz8uTpWlXnm@E#`=M&l50mJ}1p4R_C71+?Lz;X1wXN18r4`U5L{i3H zcp({0wOUAmDEVn3zwffcOqLqW4 zeQ_1ThX^Ihg1f9Zt{n!BFneAYO7ThC;S|1F(~#OM=zC$LxbR|D&FB?bTE>53Mg59O zz5JKkzhi5-oMM_PTLk=4FuShiRvcfC7TRBEzq?p$qK6Cn0DTguL zgkp9mfbx1IqBuZ1fD-T^Tp+QyR_CvjKO`fh;4s$ecCYJx-Vo|XT-wwB+`yeM zywNCc*Gd#49v3NhZmd_bbE~D?SszBT^(5O^WrYZ=s-cd=+Uzw0rX!VZW5_2i0K)Kn zY$Lh+LCll}iw z3;KU}Waoc7JUiIf|F5NF_J2zz{2RHyg;mZ{W&XmDErGxAt|aZ3zO0ki3zc<_FKwD* z+UYdVwzBYUwrn#4s?i;gcTf(wUTmV0$Yn!Azm^7+52a+TZj1Ehnz7@=NXfo>h*>0g ziWqp9pr}0l+$K&B{-X_)6^*6>PII-kgVXq8sc<&&WgCuT{iQwq*AKfh0ZsJ(s1*P0 z=mD$?8DQ}81J{D-WlQ zfOhfjOk`IFx_e?TIBW3j0@v9KrPxJ_h;;@|vru(eqbrV4*G73#j8SJsr_)fbAS_)0 zDR~&W3@@AbbMurk{Uzo+~A8~dNN6tVwb5g2erCInQP6w;PkUhYbhFL({_5TL2_`sDmUf&`Pv zd4YeNzkUT!l8}TpTOCL~UPoX=ea%o?T!`@UkcsnN!+1cqn_E_6^o%fyULl^ms|S=Y zJjOm`s9PWTcP)C6?g5=T&_N*^+rF5>TLdoCFjU>pPW_ZTB3cZl5JtFLcSRSN7QMau z{``5T9+DgAw`ljJN?ZUgB8HMN^t;V}mdrwb-J(m)=yvKzv%&2rX08cwHoqaqUvH_T z|C~cxk^s=i|J(T=4^B=GPd4;_9i^Z?gSr09ymA9gQIk!czQ7EiDh59{?F-V|F5M;-F`mR;3|d> zd;!d>`gd}^trEOAzuc`#xnk5Rk2{PGQ)ieY4G^}o>FztDc2+m*D2;MkzvI1NMT@A+g~VyLJ& zmofgwB$u*7=ux(0A?LQZIbLwAohfo=VHD-SFvzBr2MM*dpa!&(AqO zgj7VRl4h}nbx*tPBEHYW@-A^Oc3l~QR(*p}L;tmUWML_wQU7;(Xw(1wqs{&QT8dow zda9R4{d3(~H`?JS4*;tt@r4u)}}10RMY>G>UwTIpo#t;9@_SQ`zJ@6`~S5Raf*~LIhMuXIIj-V>8DDN3Y0fb?)2c<)e%AVr?2BoVe<99J!SvC>>MmiDy($|$b0X)6U>lKJ%v5B&F zpz!5dGz5hn*Q_P@3e*Jlx%2px1*Pp$@~p_T|LunGLblyL{QJf@=Do+`t9%{^-(p|9@=j|4;Y#H~0T*Dbg_T z`}60^qWIFTvJ;t?pP2Hpc2&xcXW^5esWbn8dhH^YiDg{rg6L!>_$MY0A%2$_2hs34 z_yyik6PwVPD`@s_cYDAUdtTWshQrnG@p3GSaT9#=wY+r@3-QYmzKb#N!;~`g3l0#t zLo*N%M8)C}nJjkzq%@r(5U?OuvK#|M(b1|+S$?Ub|H9*I2@F6J{XaRi{r^u-Huit( zDeC-_u9{0y0c5^{9T@=iRR=|YUZd?)0lIcKZGif!$au&{4$edNunx6=>T9DJc*LyG zqWp^75nWg>x&9p8&2^dJW{l+GhtfCuTjG$^0rY2Lks9g0a=~AO4QQnQMsY72_^vD4WDG2%s1h_0th@_M|KcC42pAnRy%RtxmFq%4 z*?CG<%xaeSKN(?bo$=oe_K%KA@!w81`5)I(7Kqa(KE0kG&{w;luaA3^x>zx!yRwvp zfNxJgGc#HEVAl*fpNEPNL)tZ+>*O;PVRrc6K!L}q{g5N3;=2KvVwT0N?JFb|W7|KO za@+^S7Q}qKy+_GIf*G=)D|ET*^bqtwU%oGSR+_!J99F+R0d`XsDwXHIc2i#c{r|zq zi5>s%^yFZFbN;WRh!a@}!Q$ATWe&-lUsv3+V1iY4aWFyQv=GKy5dus>N>dnyGm)cY z0^=A(0FF6Z&CeYi-D>JGPRJC%C_D3|Y=8sNk8*|gNs=HxG%3e<4&4I|Ly_$RQZ76& z0{V>n15U&Kf|SMxI1UbZ9wm(9N`y;i z1pMvl?VG;Y-fqF0oeRr(K6gMTXMC0Y*#; zCoF+JGnyb#sItr6ARnfjfoA!vXJZ-mcQU5=f`MDaD2QRgX9`joYJf8snDLduXZ#j@ z22;rV2@+4mqIrNxkViog)^BSH$gNFMKVdX8a?Yn zj`VD(L-0SN{~3Y5+{^#3kVXN#A@@2=u4m4RGXTV6C#dTDKRnz&^Y*>{J&*5hd>fGj zEv=7+^MC*3$kzWJot$pY|Fx7Ya0wYhNhA&rIq@>n<4uagfNzNy`giaaQLncpPkEZg zF-aH&bb`VV+=k>vZeASS?tlb^kl}lNG_#5E97aKJ3qTm~fg2wnW3gjvEpSQg{ z*HtV*0x?QJh$H0nycbuWt{6#BZwow^Z1~U5uRwqk+VgHP+Y|pv@O$3Pzmq-juYNGO z-Q)l0pY%T3%Nx3Z{#_b_F%A*!J@x2A+*!y#rEQ4aMujeL1kpc7?j^~gO6NsJN?Tu;#Ky98w{7l6E9$ou5nZRCqvA6OnI zKZGO2e-ny~jyc1W_bdh{d;$fxjHBD$7Km|-#Cd6tCLn^dRy-_c@^joNO;3Wx{OI># z#A_DN!)7rW>gn%kDxh>dN^2z1?8#T^7l_j74N5pm%DKuLfsO=CQN&OH5cDU2;VA+$ zl7cC`6KzGedWQ1GC99Y-@pMPwRWocbjxz}ODJ}n$iw0@cJ0oCB!jL?GD>Q`>!@jP_ zn;A?Pi|KH0kD}>4N<5O>?rrz(_14hmqdj_Sq)O*y&g%{0&1cB0M^JC8C5kkHjGnyW zxTQyCHum0D&FJNN)nFuO93sW_Ye4N$30aSS*@JPMA0P)`1IgPIquBKS-OKYAuU~r8 zV2OP+>3|wUnIjJ+C9{{F$iG>pgw?%lW%E7jJ$Xg6p3yuE6u3&fi^w zi!1Qv?KOD)^8C#;xPA-1e+e$$TwR~PdiC-JcyaOW<@4)T|9JYe*VCsb1Rs7v;k4NO z$Ltv9VyH(adjaw39wRaKMQUJy2j#lq~VbWrp z1M?pMP5PhX!&3gQ^+QF469@8#Hz0c4fHUiW=&hlF@46ILU28z3fXo z2HL7m^&(6guhQ`te=gkQnO&G(DfcquwE0>!<>f5^C_&f0ZL1CoCKgZVy?;H61;qLj zVR!bswy^>I=5y73pcddU&%Sb)=fe4CA9$wejD}Ix1li>wP}iE)duKCz{H`{I!bzFl z8rCf0R-m$u@nC4d;uwVmfccBY$RFlF4M+k8=+}IL`p;#Asf)}0HW;93%x2lk?QPkf z)Q@Eq%R}__D_KALDd)>w>9^ld6y(S=Y!x%m-jD!Yl7#h5FvJQ_HHx2SzodDpxNXUR z7Se}qP;&xOlccVDghsVs57w`mTx)$<+uIYDN12hN0=91q>|Pl!>5aJ!eg`bUQ)6Zi zWp|opH!bc4;%?CPZ-=zED(&h2CoygFZ~;yFpZ()g+yD3Ua1;MyEk)3Ol^9%F%OD^x zclm(;gFr<1hv6lWx{w4wiv?&+*7d$OD62uSUa5w76BRwHus7|;9M!|U) zPvDz$3QkN#%r~e(`MOK1{qMsV-Y7eSISzm({_pUxy#F`%f9olV|6^&AUGgU+POxxK z&U6og@p}Q0P{1&)`>Eml%movO?)@MK{%VX~@y+KKY7@{5~dzk?r7lTWmI2coBE7H&**u9w*?;5otr1-r&XRj3S z3t_c{f?X$k4VS6<=EM0djwpkXU-x|?hx;aPhF8t5PcjEr;VyJ#K`d)4ZHyj{8AiqN zmHH@;12P1Eq5b@G?+(q3UqU?u@>>?`uZ$`jwthRaa`CAw7-0==?t*Xw)47?&XAzrs}ow>T8&zEBMjdW)B}2J)gV#8a#+-Gy=D;ASS~@x_}f zUKdBVfX2w*_Iej%pbmA}NandI?FeP)p4`bcRgRlb0I#5}Ul#d|`#ej-h}NJR%GQ9Y zQu)4Sjb!vdU56G{Ve3Vh!Hd4$zU1*<=x$w5lN-l$0j)`gIyN+77om0n0vtg?C zjp~T4tg8)E4Wuuw9m2qt1G00atz!XqaZ8hl_)tpCTyWMJSQtO~7 zZPpx1c@njJzZSoCZ0n8k=IbmC{J$h{D4~0wP;`$I5(y<~H&LL0|3BJ4u;agrkT4tm ze+|X7|1f44+`|OJn-EnieY2(E8Q=Y^J~PfX6y58mLhR2^GV9o<{sc|4keBH1XqFp^ zWfoy(Ykhx${5w@I#8k)J+%BA!<|k5B@IykTMmqRa!6Gwm$&+6F_&b_u=ynZ@O%p=J z!5OCO8O+kiEo)bHHDj74tO{46-khi@SCk5&ifd=r zl}P3CufG4TU;or?!@L*{HN7vR&k2FC4V3!L+KQS9aD80~Y16(hbduXx?$>iM`yPE$I<6HGyeW=dTp;3XsTkyvp zecA7222R2CBZqSBHgfIve@v1&oq(I}|M%_u--r7LXB+#^wUpximv-_C?tlHcFgd41 z6=ZI%uZ;B#?v!&WpLe9OzBniH%5xtUqAkZ!p^f$Xyg3EAG_4mJ^4+3szi1{m@Rv?p z=4VE&!gFn6Z=NU;qzR!+`)=vKjaKv{ajuxg`sJ47Ez2K&rkz(DZvj zRCJd^(^oh9sQ(U05Bh%gbsBTRcBMW8vJu1KRm4_(wOWK3DvF2VS)LE@MH!6aN(+r9lOAv3>}c0$h!3@XS14-_1bi4N{n9upIh5qO0xa9w{f4Is2vz8()A>Lep=dI4Fd_j0YL<`^abHiZ% zF4t#dKcw+=;a$OESA8j4RbR><(y2R(@R3)t0zz!ee!G_X{huI8(!@t}?~{+_jQ-H9 z|2f?+?f=95P5#%llp+hmk`(QYp$ay`ryP&5ut&udz8ajl0VfImOa-&Ws}W(&yU zjeSx#cq>o~doC@H{GJ2)HkKTnar;)(@M@mBI4&^AqVw2Ii2?l`&9pTqxnc>9Znvwf z&2l!;z^cfDqwhGS`B^(mJ_-yzQ7900Yx5(jq;0R5i>$js|Ge{C#JYZKMrSHP9H%!S z_VeoUbI+W)vSEa(6esu|GIWPZy8K6}bZdS73*++nVn8(B|JnW@hX=<88~x8(ia479 z0N|aPYG6#XK8&i*qP()f{tZZydv}Qp*t+poygJQZ-o|Nxg%lc&tZ~ltiT3GGbBA?} zD$^!EP9>kIlQzbwsG#3Z(Uc^!LX|0+W>rcIX$7d|71V;|zA&+ZK+t_M26t#Cy^0ji#+g1SY|$}^U^1(Y4(#GJ z>baG%@aq`ZckYTa*)G4y85M&YnPN(Dbju&}_QgOf12|3b_2(uC=vTWR9h1xh+dwkK z&c0;M*7G>#Te$GXtEKyz4Kcsa&x?8PUdtNbFDi3lJ_~&?D184r_!q$u=YXgU^upehR;A(mXC#5QXzvq@<16|1^5g#; zAKCGr5BEb#d7f9W0A5K zUgmAtSW$6~rqz6u#eSZ0=q@3f$QQh=?2&0xBHqySCV#GeleN^W1D8tuH7M_7c?`)pY>|lF6Q!|s~>pp>LY**Qsq2k z_44GNgfDm-!~Z5TDHkdWoEQ&GaI-~{J<1x+&|MmX+AN7uU;d=f{X;^g_Yz+TBYb4GJQ+dq(Xc zf2^g5<3-IX$^?Ht-7R*ybl@o zK+?Tw#QLC5IVJ1|=)Mp7DlJC8NCYJde#RR<54O-RbJ zXMLl)tiDM9|7l8Z#V1-fa}f#p4)hKIf1w@_42jm4Kp<;~x2cS@4{q^2ia<75;&Kst!ehQq8m#1TGsMk_Q3G2=3 z1>LV3;Z@L9O_tZ{Yxg!RUqj^dza{^NKPybEBLBn5u^sBAwK?yaV?>@OIMG_qKcEP*v&!5lH82?N+p&Fha zB;C*@3FsWHT#`Vykm;&KmFMP-je0%Cx36JbY#@7_kH}9DvtiYdoJ0*Dh6ot;jaG{& zv8ulO%uo`+5L`qIC1a5@d4xajK6#f%Bixne@2J;%27b^{Ucv4&Fe=s(0WoFs&%k*! zll4RvSoGOPD4;rUE%X^m=#Gq~$R-JS05AeVW_jd?;-9Ff^FJUyT^SLmKmU(TPfPh9 z4$n?E{y%Fe+4(Q_HF!b%bc!Nr(kW=ck0H5%q0k$>kQa!wCu5`%X)O)tgrs30G#U|- z;iqpzINsx0(v`vJ|JmQ)AIV>@afGMoRAhPv zqT6$+Y;4uDF@P})!yD+|=`+EL6LN#pzHA!6hzb{wQQHAb7>m^a^mZ2A2{(H1FhP+x zeWVa7(p1ar^ZK$hME59c8i0yReW|0oEO7u}#C&@II{bGQRibAH zT_FT+P)HsedqDT6ZWStbL7N#c2jG1WKR80Ir4` zM={3$Vw7MK=pOPJSa<-%hTBcRJOfa3To}Pp24FS3vL!TzI7}0CJxLIqkT6)<07?zF z8NwU`psDX8N|!%?Qp4>A(A(YJ?e*Lz!LZjGjYcy#4SR*bNRP046d_8b9id|b4#B~` zv}rTfcJ{QmV20pCJhf**Keq=r1P98l6@N(}4toG_xs|1HXAn-D5FA!OaJpZKhtX)H zX7Q!6Ixyx(6lw*JZDPzK}7a*mKG$}+n3t$;mqH)1f_L%{jrUXPEp zuyJ_n85cVQoay9fF0zF~z@Gqq@7B2FXnnf_Zc+w(7=arEh&22UP{eBs)|3Q$mYm~B?F^=Xk{vK3srY&V z?-782;^;QypW%pcSykQJ@un0=;^I%R?m~6^{$i)cA)pM0p=?E@4i+J>$wzHv*fW zX$@REoD%quA_0@q6wRj;GE_iC9Z*pN^t++`Sy1_7^gV|f$k5%?Xnlt6Y73SEuWwNEEj8#^98>fOu_GfpKbppk-87SDnS>zN6Adsu*t>li)a@OIL<@pDR=N@kTZ#- z3&`)?X*|Y-p+T-#8jl&v z6-(nWg8b&^ix(H?pPrvzUO7JkU=(87bzzvT4ut=m<~oGVOOW~>FW>VMJBE~^V7n3I zm;@?ZPSZH&Tg$rfvTmJoNONI12U)qkDHDKKIJ%=nkViL!ga}4X{bCi!^^GnH@`OL$n}jb3Nj-hN-FOf=LEUF(M3T{(uhmG&qGM1Wupc1eA~}%bRhLC zGA7^zChR$h82YTTN5k*|&M08;PDGONQGg;JZC8N|Q$~cXb!?-cm2;Hcz^xe9g_>_Xj{ko`}@;EaIL@oh=rO|vR_8k1FPc6{%c;-;7?@bT~6tH zIhOg;GI<@!usq7UT+y-oVS!Q%!MRw9Jphb=v`TaL15PNDZ}Nb%KwG$I-IMl_j{?GI z=G35a5cUuI3J!G!4Z(+xJz#Ee^~BymL(ms`&YD%4kEwQH48hU9Q%iM){4~LA2Gri% zXrz{`kutX2N_A6<86mA!4^=oIsakQG7_`IOJc5F~wrg=$0iIX7<6Iqhg{V5TBY58B z`->M<;LSs5M0*aAFiE2bN4Ee{kPyPQTY~rg_4(D`-Qdl|ZB({5*W_}J=$yVG(K|wz z4cS7z73I=8*bV30{zp_%VPNlSY%`WinJQop1wq-q=aYOz^%KQ8U1MF8nCU z>ccO&b2)f4jpGmrUy;y($1lA0JUXL3t9EW!J$UUDFAklHHJV`$fGx0VxEBIlLx>T2 z2Nc4CQSs4pLq<1%}|{^snNVV7-T+zrQau8$xf9G0#I0MKFKN znb!Q%oKZBMIk_{Vohtq)*L?txGb!fNB6ZW+8ku76om93cJWEBCabD`mFbI@(h8KQ_ z4l@PME;xVnO3%V2399kWPoZke$0XJ${Me4iS%4~4BS6P8;WyV@?jYF}U2&6GPavxL{X zAJlj9E^o%s34^!!NapY4I&a3&iIHx6kxnktFa)}t1r^OQE4$FyYV;_zD1*1^uh>YQ zeldPS*rkk2FIW0Mlv+{g4`J@9CEBJS6(Q8w1c5Q(M-Bhwljt5r;*`l@c_7IhN-h?L z=vr7jVH$nM0E}jA!g~~<)HqO)(pqvn$*^i*FpA(5iH=9xI{>rqDEL=O8Gr_$UhjfG zhan{Z>MzA5IVDpOD@eL}GeSZtFp^RvPpFiUDP-7JY5rw;QR?-6Ac+nfwgW!ALlL=$ z41F9-7>ns}PdEpAiF$lPM4HOIDGAaL(Y+~*;4Mn_CMcZlN{#K_R*wB$97z~4iMG}J z8(wq;f74;Fw+lXS^oIln9|!uc+%b8ZSIDT=$3ga|RYh6nejKPjtk;H(?#F@gqukLL z-%epHI+B0pJ@^S?yaWEfewroumk#^%|BPUai_d#GH3r3#S(=qH3yK@<5Z z4@$FKASyEK!stK#@BbcwDT3PQBfA0smq9h)dn_5aWRs;-~a-I264U*Z5qlpz=Z zG6oP#U=sKwK!N-;zn-9o0W5ALMpcI8BTq6eQNU}8>&_dQVi@`;05>xOB)w9FKg6iq z+z6-`f1 z0!T$@Z)#v9-<&yJ+U5Mh#|B6me7Z77ej;H&b08!mg{`ToheSt|S8dnojmu8DLZIVy zWe7(KNCIA9D*rAZs0AcuY=i3Asqp#FaAI&OszG&oXD*5cNX#GwOM%2}un0~ABmrcw z!#a@<>Q=01P+1Wak)r+k&f^%tgaRzden$AR+FC|cA*V#hd?f3Zf+S5gx1mx&Ed^9e^WY-zSTw#0Kz6H z*=;whQY*h_ijQd;G7Lf-q3n@RcgTLYjPs?b*QP95EdI}yrk2u21OIn=RLcK%e0H>n z|F@R1mFtyzy>m*_DU$wL{4h`op9!P@f;d5A{Fxv3BQ2PFnXs-XOiY5S82O`)MpUhB zrn+#FolK>=T1K^EA~ii$I(aYGTsRoFPWNF|{G+-cQ0!xlhZ-OXJX@#R{#Fc|f~W}y zp(eRPA@UhX8t=9;&g6G65?_uoOvsLs@PCUFqC|7Cn3Y8$^_Vamia{)eH4 zbTIjP)o|{%u!5>s;aJad{zR@c%^&9rF25Zt&hF4iIZ*CEmU1_;6wbh*{As)vd${xw zW4a-6=diT}E+Whfn%O3vzKcN41sBWKQ)`Ou#FuEN2+x53+|l~-9iVjO+nlaE16OGrlZ44T2zksVWa_>= z6356h@PZ(D&%pVGk=msr{_zeNW#^=LAawpCc|?i_)@8_u!#0voCn-P9$Nac2Fb2{g zg29BLz~f(tadh}d06`)dazuUZ^+pO0^ERYD_ttr?7FW?CXX_U5Ja40#XkXm&zhWkq z)JKE-e|T`RUy}bf`JdNQw!nFEOP445*D~dnT0kED*M_b1Dw&S9rNEq28z-%T1?j}9 z@I9*WCTtn^ik3V@8LdEIKYT0@SeV=n=(Yzg#?t0Qy5#L>K|}}ggPdUS9=c#s=7i#) zE()b?Nq~AiArxt6MHB@byfNeA<^+KeN6p9s?A%eFB&iU%+^JF|#Wct1+~=pLZG70F^qz@BE^#kf!1(A zUIcZ-Sqw3zUyLhq(IgnaAjrIw(l8V#76t_T1m3m`Eydd+sL~y!X6-DtRtwE%3wJ)O znr)RA>QdIK?4t8Rtq0Y$mKI;D3e>I(wI0;cLTxtYSngW2CZGuF7^5(#JL48xt6B4% z*J(AV@(+>y*#>oy1t40LdAH{%6`;Zx|BMn^;)BYd)?(EHwW`&&p!S||h7%_wnxcqh zb3@H^F(VY+k1~HM>cfb?;A}^bitzDFTF&&Ifg8jg5Q?P5vs!M3BNOG4%$~9q+0*7F z;=a?7l@?$wMT0Sp0t#R>^Lo#~$lOpPdGBk{0}d*ifRVl1M#6`T5xt94JWMLmW8SOm z{DJUY>phd+pgv1so;(mHh6Eo4d8|9(L^{SO;Ajv~I{KDbImNXu$D#s7UHap(aCCcs zGU%R9BEkPdg~A+zz)z3>lcbE|07-LyOl3~bRVowsBKUR`2`IWRstaDe`T5hE^VcsA zhT_kk&tJWN>8x<*a0C!Xh4urmKR7CO1ZI zGB#$hR;iNkFv#oNp_y|C$2N@SE-b?@yOwoo`c)O|PJy_@DDEFKyo3$hi4A~0a?5~a zh`|6d=sDrbkJTZ#KUm|9Nu~ZrS?DdJj|TnEF@IOm|DSC1KkFz${{#4BKRzYU z`V11Se%oq))@PjPR{QX2YsR4!=%~_m+okUjJJn=xg5>z!eoM;I+$ z)T}}jwP2h>v@6)@uSBpDFlO9FOI=xKCzqPm+v3q|rL&T(ajq>5%`#x@s&ZQ9T$dD1 zy=S~78NkLNd0?u#+{waX2&sn)a@je8B1X0Auq|`+o;ifQHHdoOrVzy!)3+r^@e$c~ zui44iNxB(j(v2ZJj5^8}yM;rkN;+u}jH(2XRZ9Yu{J-+ASwQ!(LBh}F;OA)Gvef9kO)k|TP%b)a(s3)e@_-Cy(?zdGZ z%ibP?N_n-!UX1gbBKCYlHnEo!HPfJ4#8f5ZacfoWj}P4+x6`=VjU81q)_=Sv&~Ex~ zIN~m$kEZw^`v4yHVqilg6_*_2Vu6r(3s^DnNV6gKWTc&oE=jrD?~^O};WImk{aGp%_8*HSqIGs@@nKfxd6 zkr+b=)M~r_=dy-iCOT?AghFW2hNMhmFO z+r=T6si~Gd1ktvblZqjT3iTu4RXp(i>gBsn7cX|e`->Ob_AHork~{G7_WE(BbIz7j z#SqN8rIG9a1pNs>5ld#AYlem|UX4`+XMgqRR>1#uWqY-M{P(kL)LKO-bZdp++{iT| z!7g9_bLiTy1BEmxb%+4Ik+mK~-an8=0ZI(SZ1;9`x`VDeYVkh#PFi!nSErxey*z*M z>Ft|W|M>Lo?OWde!AKd^iu7+Ice;iVAPE?mi69JhFK?Oev7N#mYdf@Thc7TP&XJpA z(3vR=utmZI3H1Jm1N*^c|y(ME3fWb>F73s$IRj-YV zn9@9X9;nn&@Z#OY&oAHc6XE>(i&q!d7cZ}dEf1RIVNu5!7vMok@oglPr-jy5Dc5GO zeLI4!9#T=V<>y-ee2Nn6!@W1?;nP1za#s{NOPO->B0P=alogfBc^a3aVoNgHOMm|n z3#Xg1^5T~N&8T3D_t7B#pBx{R^#5l^8~dNNlr8W|&-E9V|3QJHHr;}G$rJ+Fv&BQr z&sCbtgIWmuOA1jxR}t`M8@v+#nU#hiDqErB-A`?+jl8S*MPZyMMnEXLVlZJ}?Fc?h2)X-cu>{5lIC8pM(a4@tcFY- z24aX4+Ieg%4Qi1`e*AXC&umOZ8B&o6TdPd%(*+@Q*FKA zr_B)jb^ovX)(gIghae1Tt6D&&n|9ZP?n-dn7?-jhHXmS9da40FDGD@CAv;G%nicl zvdZd(Sb0jdMJlLZVq`JdE?`w~GitS^<|e!hSSF;2;Vex`Rx3%J4QG~} z0x-aEnR#w1dW{5=&JHfhc{{LFa7I>%U`f*$VF5(0# zO7ksV$Gf}Q>$ny9d@k^@fH&K~F8mf}vkH?iQ;6pqHRuQ$!h^ z3qZFsOxC0Z(z+K>Z!2MR1L*m2DjRDbexnvV(V&CjFT8gGSpnb_O-VBA0AK@rs=bn? z#IE2DT9P*y;wfgdW)0T5R=R;yZ5mFMg$qLQvStyw0MrxgnBp1$>%cQ+*acwq1Xlp4 z@ZAZ(TKJ3^b^=&A!P@H-`V*zeWE02$mKl_d=qtjJF6(!s{LLJmXnC}_Tf{(u;t={M zkg>IMPd451s5GRJh~cJ}rtnsK`ZQ4lyaG$2tcZ#S8aOWmkIVK;-(@*FyNx7upYhPL=*dr!>c0W&A1Ta3(#?rw@DI#Aasu+ zar+abAqoWKx`u$8#4_v+hg;o?sNi$`G!ivY&<8g&{*>Y9R^Frt6j3l3`EjaZmCFen zZHs7U`<(c`L$~NNcnz695rY4R=a=t+d^qI~KMsVHI^5e!_``$!1J5VZy=3pj@lPbZ z*gFuZ_`7_tN`*r{{ojtxAsdsecHj%76x=&bhrkx8ZxGfLaBqC`Sb{ zGh-E?Ufhb)feSB-9pS)5c8|3PF51QF$iZ-G0fdN{Rau5TYb7p3;EXSi3kimSj501{ zl_emL{r=0q5wq&E(jtdV4K>-(q)G71eqB|x83{J&$sn$aH zXv9U3rAq0Ji+KXAD!&9V0za8*OdlK(}_mPNo7-`$`23*A1`Y7Te z&r&Tk!dVB>u6BC?UaJCtGOtxp(SeQ}PHpv@!MmNWi}w0{3;5-0{VTB}ZUHXF0Oluz zh?i+Vh-B=(5exzuf{z~`BS4~R*q%Op^Y;4bQvu@?CATQ(J+ojG!TS?3l?do~&V7JE zu*bppIP$>vX&x1m7=c2kD-9lRPuaJlPPax@)P0-0mc!5~6Jv+qFQ! zUB+PNuU?5Og<@b>kylFJX_a`te4Xro1WnQOMkce;+Y?8Am<9-po}XWS8Yxw!*ZYAa z0LgW{Bj3GwdHw19#p{bVS&F9{1V;H&?@x2n;nx2%luU6XR^k#Yz?$;^93CIo_FqSb z8~d-dlr3|H}&h)R_P0|2Gu?2tytKu2}e7JylM%K{KhAr7;HV{rgwdku@QC4dYjw}@S#5c%vp44X2;SH_Jh zq=%PzUd&Yg{9zbMi+5$jJ_mp#aoi;~k~%9@uFAqA0`#~*&A-i3)sHMJxwF*Q4tg*u z4n#D8ZzGcEiw{hJ4=LJqcB(#rfDgSgn^$(H5R*VA=@r*3I&qgyzvF@DFai^JkH9ny z8ID6F8pDXzcaEkpn>CDBnPYHakAu-55nBr&Q|Q7eACC-hCBJy`LmGx};1umXxhQ@l zlkE=@6e37vXoOvn8ejg2%eA+wMj!w~$M!kLFj_C_DdLol6v;yb(3IEKVy{>Oh;I&#k^ z+7ZCoH40NbAd|!Gwnc08D9qtcXP+|CXJ*>XM`qPdr3GT&F;c50e^IEZMs8ITr*dAc zxPx-=cZ+(NgQ^#YUx5O{l>Z~bmKXHdD9!r+V@v)&Iym0w|JPEsfVg@q$^5O|ururV z1q|eEk-oE2^&&>;qIa?Mjj^{>yk8-tZb&lbMET%x(dW(E>z7v^tFvL(qnBH6A_BT} zP)A;K- z908l=Yt(W#_>D+jT>~|;A^2U;gDvn23Vp&kI0CMopTClM=&vU*x&t#J{eE#o84N?t zDg9SYik@?($KwnR_~VafUJodAiX8GljV6oNZ z03ZXN=c$IiPj5kjVv;b)99)bgh?rLdH|cH8;PRGsKrA>lAnb`?1Tdv3(oN>K`VQ_a z!T+Pw-2N-_%bV|#p%u5$<{n}Wer82}c`~SCzC@OW;l?YE>Qw!@ z)P%#eLzZUXJ1#^zKwQLy_u-y|=@eDmm~?8nUbDR*F60f2iH4>-m=+M%;i5X+eVdl+ zFLIi2q3?An+OE3nS!9jZ6E3!a@C7a4?0Kt{vaXmj9RoQBd_c}7z30A)*(fIvVekfXX{@(lNk z-ZSu)^KK8Aq8-tcas^B&Di7L8v>6c*>hT!+?k?&tmW(ah&TPg|)i#*SST(h|%rkI3 zAruMzT&|Dlltf^3hh}t?aq~}~8jwAG$}wdac=EbC07qkzOy!ZyN3Co}=nkL=an@F> zDvg{w90_AQ^H378M>B=O$3ga|Hw{FHQL)5c;N;^#|E1q()x^h4Nul3pRmI1F{!71+ zdWw$&`M-WDwHO}D=s4NPq3Gpan4u)V) zek>mA^U!qtbzA3%>$eJ+)w&gZAi;^ke3J4LR&emfn+zs+_FdaV5JE)=QOq`6X?Hbu>*mY0Cyl=6Kp?2&E7)51u0;wT?O{^??q z;lS&nNd3~cVSm0-b^mLg#*6mRVE=V=cvklR-rv}Nt)*<`I{l8fzpbxy7xU9D_uJ`e zw(EWCvaV4ZWH55`FXRhL<_w$dFE?Bs1=%cW0u;d}t&)Mynv1;8F^qz@Ik+7pK%H&6 z;8`FW1OpfZngWi~FcjcIs$vXmTVoP$>j70{^fd{pLQ{3|8PDmmXmB7h>fNB+P#+6T z#S}75_51s0XJ`HGb{NGBO$*o04gL^CM}Nx|Lb?-h7-X|5N{T|;VpA_#^zQN#VbL|p zn^Hb6?O|*UsFBHdQ9vt`BDVmv7|-Tsj2GQo`e0ta7Hs%F4l+xuZLeB3 zak7k481LSbu%2_wkAMCwKbMR*0?o1!>ohP~ZDYR-)s7I)#q4O#a94Ul+@aZlVYSbh zME>tVsn(&R*4JQG|J9T#{x1`gm(WK8|95bDc4piEoo?d)ucvH*7hmtE!jBaIHz1}l0lDm17MR$x7#Mlf>Q<DtD6e?JC{u?USh5Kka|Bp^jZ2AA-XmkFrrEKM@!!{IPrLo!Ckb{** zW@|E1(N-eDGQ%``Q8h{`O-L zV>EEhhiOs&Ek-v4azx@0NBR&P{l>i>YS_E<`z8vi*5a>&wu>6`Q*=*B2XcN6z=$&T^PrkQ-A5D z>inlm3<2C||51wne{y=bzd8TcQMQyL=f?QsD>nX6vHQLq%MUf6joAliZ}wpaznp8* zS84On62R6_ZVWyQGjkb)v5~`4hdr=NJ&YKR8#|9bRWbR$;j=|LO4f$j<+8 zc(&pH)>F2?yYJ7RcjEpkdA}tmdZ;^e+w*DbO8n5k4f4I!7Q2flf)KsUAL>X0?0w+> zHaONVnixXBx?nsa7r>P;C`l6^EgQpGyUWIK*6`9XY=FE>4Bw;VrhE=B zj$zU6T-a>`aE4vbtSM=YVFmJB#eEK^LfcR}*%m&BN4jN+%lZ>{4uCxo+`t5Q2?>Hm zyiut-%E6cEViv}*XDNu618^h)Qmh7GePAvXVBP3^KpSCY$}CS)b|KEd80^7$fjg*V z3kDS)?_29gSsYDk=Foab*>^U#aIwp@nrZ)YKXwXt5kA0yWkCpb{!w>K6&^3`SXT|ExJlg01^)Eum?c4McQWsHYByjobIT+l?-SF zNy`AoHaqn?7L-6*-PXQl?%0 zNA^`Y)lo(B8UdmS7~|br{wvSU)VNHnZI=V4UhFEdCBGL~))d4fpk0v753Hr2bvnxj zQ-i}l&&7kO|EE3-(Q}kAJjOm`OY;6~wEsBSFWG;e93F4<|7$5*;EK;WFsA(xUIsiq zg}(sF-Y|7oT3o5`8y!{X_FX`EANYq3o%rHQ@LG)Vy1P3G?OdV&u}mV2QqrxKS(Nkm}S^XYimP|?L11{n1msD5JQh}93!?c zyb>7OkYr1y;u6zrMk=>rdG6)GI#plunx15URv4b}R=^g}_##uxgrLg>!|$kRvZZpF zsVKV6NO*gU?1^W4yj#93H4iB(6`pPZl1QtT`nD>qU)0LCOk1)(8nA6f7X3=lo#D|O zxjV{WAyI11{1*cdSH%;onMzr<%2NskdQ2*gtB$rjL5bLO4=4@Q&UHBU;vPC15G z?^sZPObZL89osNJ#p^VqnDRni9W)uEix?Jq`CttMfG30tC}M+ z?&|7BRN?2C^|%8DB$lJW5%}@_1&B$UhC)gmCu9m<;~)sp156M|kcwzUx9diPV>qqC zgRK&nV?+)ePfd^QOT&mN5)!Uxj>L#$M!~?J#5;iUHRo?HYecfSi_7OCT4kCTsq~8b zNU3VVnamv_zstefZgtkFuP!b@u|L%?W)nxl%NUXO;o{O^AG4e}%170C934jVj-;$) zxwZm&qySH3cdH+f7a+=Tq!-?5=g91<`_S5s=oT{c0B0FQs~nN;Yrcu&zv-tDwlXp@ZE48#Z3ee{f z7~s#l1ugA#zsFZjlWb>g#8|dbH+5s>IX_bEOZ#hmXcX>(I?#ZpVESo}laq z7OC1qNA(D31ztI?YD1VHCnt1mr$DWRuK?L?oYoG*LR?`=Yar88dab7L4$aiXb_}tZ z;}}P|VOJFgmhm9G_cALa86-7+eaXp@IiTA{l88KeVQGbR<9v#Xv&{7Dnb`-gbn5Du z1mCIaxm&~ljAIl9NHS5vQVfiakA*}3s2s#v#L(vKqh>M514syAA)?gEiwu3AKhz^@ z!GQgE`F_;EE&X`;Uh+q`ajKb;EpQS2OO8$GM6RBnzj_JYU+fvm5qatSBtc{KQFM<3 z3_YJr_jpsFf6(uKrL}8aYCTeZ=+9OP{NEB|KAEL4{?mSm|2sU}#Q$4M*#cMX<3G)3 z?AMCn>lXXFgJoYk#!k}LrT{ga&G?);Ue%3l!k0tfeK6v&d~ATA!RX8OwpX1y{q3tD zSc=tPjr)9#_euyBG7;=zBUlN+LiT`N3<4`5FxB=AQLaiZP@}go{52JKT+dU=$W-^{ zx(ld;Kv?#*Ux}6@p=&RQ7R&LWes5xdMAddSf%1H7unNp8)#;!_rC~3Rw^Zj{A$3j? z+p>9nbUseM8$Jz=HZoU|7Q-zy@q5Pl38f_nag_UAF!Y(JPBwhtmn=p8Pq_W;DL1~0 z%O$abP5vJz2X_3YlcU4q4ga@}vIVl)o>%`@Dqku%sOo(_b>W=c=BjLb6cH91l2c*n zkXH!1b8*>nHrfZo%>GhLf?6A(WmlE+0bCKI?olxi9RC2PIGkOQ5c`b_Z?1t9ED;L5 z4X$u>8=@-){kt7-DNI6Mq%c$u)UwT?9I`Cn}K*AG`{LW zf3*+0Su>Cs7+hT5AMb#R%lp$Vh9NZrp@>pUqVutkbDGxHqDxEl2B7Y4@I1sQVi%V? z;0=k|SsJt&h`gWleAT?i@D!1hT_K-D0hN3nLLSjWaExw$_phhN`}^f# z)eJ=6TU=bWS+2Gf;OqUbD++s9dm)0+^}$s5AnAsEcggCIeaB3cf` zaB(>V2WN-g!Krt+?;Rc;wf(+G#)iNkW9EBoI_mS|RXO}*>nneIuTCI zF-h1E{B_@GjWFVqa0n)h#a45ds`g*^zhW8ICI7u40pf#OlmGwe{$a`g|KRLwBmb?V zYymyn8}ZK)z&7IFM*Q1|e;e^{BmO-C@vp-kS%!4CIuWhS9$BIU)?y&n37=WN;S^qU zk7VOvvO5r~b663X9q@|yFs$4vH3Jcng7+bl5k7j6;%VFivG+)~Q;WAPB!yxyMD#f( z6a_kZLqviKKg>rU*mB^6tkYVqm6w?rs|c1L$38Am)VUdkngjZ_q*eVw?~)-n+W)$x z*iD(Yxa9xrSXojZ_45D0(ea6W|9gCVu<`#`OW6V{;OZjce>b~8SIKMz-OVpM7R2IZ z0X4&XW{hpi3PMdRUQF(-JE}WdUAl_0K67{AO4%`Y_N1khYIe89x1EhdU8NRb+L%=0 zYQgMHODT1NPDLW9{M(K;t*(;Uxw<>3wtby%Q!HL;5LT5YDgU;!0j#UkuCOXo-7kf% zT7)%*Qduv;%9h1n1Zy=2bB7=?zwKz?TrQ)`u+51x=bc@H1jKH!tZr&#}Ukt}`1?M}H{8A7%{0 z@CN#KN(Vu8O2|vy#UFo+94jn?U@&1U-Vr)ix&xRW?|?Ljw>>a84=IrdQ!6j`_m{^Y zi~`=y4WjaU@jx^LU?QsDqlBppOMc8rbb>&HP=JEk8|lU?k;VC|rrC7gnS9aG31JgL zSvQ2WIP~j)vm+bw&UXNvkTeYV&U^Y4-V+?4;OWyHkVYbmz|*Ja-(S6b_5S+htA9Lw z3L@kqO6N-O>xQZO8J2No>qS^0l7`~OFjZ&T>y$E%K@x#93Q&@9ZoDE20K6ghjhFN- z5mptJVnDY6rgmHk6;K1FjO?oTAJu^=ntUSVh2a{~nJJZVqfcd4OFLCQ1J@HmkvQDs zteMxITvUZ&2%bJwV|n`2>pe3CTV8Jm;Al*esf>Zg4@{&kJ$C>_s1!b5q-P}KY#nn{ ze8@z+j|0=&jgR_+miayo3`5B6Z}eu&asQ+8fvxNQXaD4A|H!`oIXm6Ne^^V&?tg%q z_D7ig$vj>kTOKI)9f!_HS&O;FGeTLt)n8eZ!Sg;)SaGM&S;Q@cnJ6SaZ*fCV2VO~o zzj*4ZDm^@`n7LZ;G`X$@uYPiK@U9SZ!viU>dua`xt2j-{TjJ`)nhy6->AH8**$)rE68O&?vxRcfT;NCHMv8Pz$QfkP5Q9Z z(t@?KsV8!)iOFIFpwDrLeaym{_#Vq9#FFHaLM&7&8Z=cQE%!7myu|)?uU3!mt3{GHmBm zX|+?_YL0~t!CGu|$;9?Wv0-af=0!;@HX3aM3($2;f?ii@Y`*dq44R^EmJ0i3@B+ml znN3l|cEIz5M1LbUJK%5RX1n2hkRoNvQGXfQp*1B-vG;C+jaKKx7u^w;Bml2E9A=e` zw!uc5b7KA2;3znsCzoVRqph$}qkPGs>!^u0lpHY$-pYiM?yguQyZYmg5f}(6yDhQt z9R+P*TP`*xgt9k?@we3t&8fPsz>3+Wi3FnsiH$a}Ef*V-_f*J#g`+#ivYZPW6{v9Z zSHg(KMjP0ci;V6l!|9+75Vw?oqM>-bOz_ z9HvP-^PJW@Md=xU8`zeM4UYfw5JOrMT&MF5+k(Yh8vr%{*SgV;*zj;%1>K4bNlX2S zg(bv~5spQC3=St<1T~$pq4#NHI@^`6jh`||WO{P6I9BGzhWCO0nQ6n;zcxOI#qm+D zjts2PBDiUVjUb|pQOxGUM#Wj0cPP$HWyJUcPH5()G1!i%w*$;yzhE}` zN%CnsTJf%;S9x8r!AOXb7IMmbJEe-c7@Z27eE7Is=ucwfx&>^lOIK`oB<6pX{nlFO zF_yejay)!T!AQe30)v;orZC(AFF#|-I{9yO$Hra7b(4jS|M(GGdA+SJM-pC<~WMjD8V)I=4iB)6q`m2Pto%bQu?MsMq08I zYxgMVO25Btw4kKe7O*WB8x;9zB14{uWJ+#qEOO&&BE{;BLm`l1_b0K@2DX)A!y8kP zgVn~y@^;GTDcZ9Ilm`)+{C)Fsiuu*^| zQ~DGeYi2&?!bUk$?~>&uTxZWvcSOy}KHyO*d+SP%!J2qz2XV&e-7sG}FmbuF! z*zimp+){b-R=U7ZB#diykOTqK+;~upE`kk{G5rGAknHC&(a{PUMvCql=)RCmQz19{ zf~6HUaD>_O28?_$Y!rZ75F>^7yuIEtFv@f-nHjpc-h&MLFbrqHqP#+tGE!2KaRX*J zMSy2uWOI%q=_w#x9RQ4U3jY6}z3cmt+jQdJ=ld&A?qzejwf0AL^OYYWMXjo)YSZeH zs8XxbnYGzHS}$0}yScRL|6YN?1{-?~aaN7ABoDV>GsA#k82HQxvLvbe$W%apT}n4F z4e--9k1#LPr(4EsziU>0d-V$7Er22lK4uldL0~U55H+XtE`})rT3~pF3U-PvOp>=P z(oucsKDc@XxMWM9g~COM{iL|x&s)|OiNy2@XFL4868%weyFn=>I|d5MtG~G^r-+*y z5D`=aI6J-waQ1K@S&ol5MLU!{WHc`x#K}`s!##{%m2d-2H>DpDD-^`z7vWH2LURz6 zzBTYx^RdgNN~lDoXZa*SL zO&sUIqWmgpoj{=&bD1j$UA@dkg`wBit*7Ak`mWIZB&q&ZKy-O~=zbFCl>9+ADqrNO z-!7b$W^spwFOq0^m2p1_g4!WLjS~=Tz0oJ(t|zbgR9)rw1Y1_Tg;xL=e2#>XISqZ0 z;!ve#Z5E)6rAFIRJvT!PKj7Mu5dv|KKo+#`518fZ*dqjt?$K2Jl%>6Asv(%qW?D7! zfTwQG6yS_M6sZ5TH}RUV_I&xy{u4v_5#>QjW0*DySwVBSLyfW)q4_XE0w2^vZ3E*! z4;eGcs`WiIPDJWb)2%!ZNWqeZ!NC;F1M#nsHw$K39z!sXA5r5?!sY=x#wxhaG@*Nl zNg%)6E3=V7LRe7N6R^W}i=V0oXx12jqH-}BNJ0x{h(nCa5IkEvvpkLx!c^~ShDd!Z zDBEu+PYbkKN+W3qDjTU*)-oA}V7abFQgii}!&qidW1fGdL}~0-YSyHYAq1=S|C^b* zh;Q9l2zoI`XNSKsdtD)-PRNH+2RFQuU5;|xsYvE{8zo+j6&m7 z{I|t&-i-gYSYP75oh4nXJIcQBFAeS08|+P`7N*M=z~zb2vcj;s!@9MSH_EDio6Y25 zkyXN##l>Q9vBj%t8CFcMA>E{GGVZ>okN4;=N(Qmq87oLXWO)Bu+tpqV5hrG2O5#JF zBNDg5%?)R^lJ0jj-{2&&%ePHx@;XiF$6IiRvJ}SX7L@OwKm=?dPEqm$-LUU5SCT&c zi1)bi57`&y%Mu+6fM_0>U8J$xL&{0Y>=4I@vF#yk)#b(VvYX`|Qf@34FfTCKeT!g{ zVuG~ORUej{qz#t4Njb3`Q?3*8>GG#$l&KSAxy5qymXbFlK~Ja}&5f~akebM6#l;}` z_wykvbG4gpx3>QA8W^kYfzd$kaA)r7lw!6YgXO*%qlc6e%SDmO z&*1e|Y`h3&k0of-gXL(xn02muJ*1pihH-(9$odhFJurGmwOJk%R<1JAiMVnVYON7i zu4;RKXt@z=G-Y5prGxSurJk4`NBEYc_BA4vg0@qV_exz*kG2-$5QxQC6xx@)5G+bY zI#-ww$k=rD3B9(W=yOpBR+1xqN)3UWMjK^JJ+6IdDyw54*JQ23rY>$6whRPDSR*cK z=Pho1Tic>~JNE|2f6ol2z~BE|yt-lpaHD{TgXW)HV;D z%+E?YT=O!Fv+ibDFN3U`1*@{dx?5nqY_Fd7HFsmHmzmX3c5|ET2H91;EUIn_R%J+a zH=%kNPsixlLDtf*+D@v>XkVjUQ8;uNO9xYexL6G@>5?w#l04JD0RRC1|71XFB>)Bo E07 + schema: + type: int + "null": true + $ref: + - "definitions/certificate" + + - variable: esStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: data + label: Elastic Search Data Storage + description: The path to store Elastic Search data. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: "data" + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + + - variable: resources + label: "" + group: Resources Configuration + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Elastic Search. + schema: + type: string + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Elastic Search. + schema: + type: string + default: "8Gi" + required: true diff --git a/library/ix-dev/charts/elastic-search/templates/NOTES.txt b/library/ix-dev/charts/elastic-search/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/charts/elastic-search/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/charts/elastic-search/templates/_es.tpl b/library/ix-dev/charts/elastic-search/templates/_es.tpl new file mode 100644 index 0000000000..a2f4c7be1b --- /dev/null +++ b/library/ix-dev/charts/elastic-search/templates/_es.tpl @@ -0,0 +1,119 @@ +{{- define "es.workload" -}} +workload: + es: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.esNetwork.hostNetwork }} + containers: + es: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: {{ .Values.esRunAs.user }} + runAsGroup: {{ .Values.esRunAs.group }} + readOnlyRootFilesystem: false + env: + {{/* https://www.elastic.co/guide/en/elasticsearch/reference/master/docker.html#docker-configuration-methods */}} + ES_HEAP_SIZE: {{ .Values.esConfig.heapSize }} + ELASTIC_PASSWORD: {{ .Values.esConfig.password }} + ES_SETTING_HTTP_PORT: {{ .Values.esNetwork.httpPort }} + ES_SETTING_NODE_NAME: {{ .Values.esConfig.nodeName }} + ES_SETTING_NODE_ROLES: master + ES_SETTING_DISCOVERY_TYPE: single-node + ES_SETTING_XPACK_SECURITY_ENABLED: true + {{/* Transport is not used on single nodes */}} + ES_SETTING_XPACK_SECURITY_TRANSPORT_SSL_ENABLED: false + {{ if .Values.esNetwork.certificateID }} + ES_SETTING_XPACK_SECURITY_HTTP_SSL_ENABLED: true + ES_SETTING_XPACK_SECURITY_HTTP_SSL_KEY: /usr/share/elasticsearch/config/certs/tls.key + ES_SETTING_XPACK_SECURITY_HTTP_SSL_CERTIFICATE: /usr/share/elasticsearch/config/certs/tls.crt + ES_SETTING_XPACK_SECURITY_HTTP_SSL_CERTIFICATE__AUTHORITIES: /usr/share/elasticsearch/config/certs/ca.crt + {{ end }} + {{ with .Values.esConfig.additionalEnvs }} + {{ range $env := . }} + {{ $env.name }}: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: {{ include "es.schema" . }} + path: /_cluster/health?local=true + port: {{ .Values.esNetwork.httpPort }} + httpHeaders: + Authorization: Basic {{ printf "elastic:%s" .Values.esConfig.password | b64enc }} + readiness: + enabled: true + type: {{ include "es.schema" . }} + path: /_cluster/health?local=true + port: {{ .Values.esNetwork.httpPort }} + httpHeaders: + Authorization: Basic {{ printf "elastic:%s" .Values.esConfig.password | b64enc }} + startup: + enabled: true + type: {{ include "es.schema" . }} + path: /_cluster/health?local=true + port: {{ .Values.esNetwork.httpPort }} + httpHeaders: + Authorization: Basic {{ printf "elastic:%s" .Values.esConfig.password | b64enc }} + initContainers: + {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions" + "UID" .Values.esRunAs.user + "GID" .Values.esRunAs.group + "type" "install") | nindent 8 }} +{{/* Service */}} +service: + es: + enabled: true + primary: true + type: NodePort + targetSelector: es + ports: + http: + enabled: true + primary: true + port: {{ .Values.esNetwork.httpPort }} + nodePort: {{ .Values.esNetwork.httpPort }} + targetSelector: es + +{{/* Persistence */}} +persistence: + data: + enabled: true + type: {{ .Values.esStorage.data.type }} + datasetName: {{ .Values.esStorage.data.datasetName | default "" }} + hostPath: {{ .Values.esStorage.data.hostPath | default "" }} + targetSelector: + es: + es: + mountPath: /usr/share/elasticsearch/data + 01-permissions: + mountPath: /mnt/directories/data + {{- if .Values.esNetwork.certificateID }} + certs: + enabled: true + type: secret + objectName: es-cert + defaultMode: "0600" + items: + - key: tls.key + path: tls.key + - key: tls.crt + path: tls.crt + - key: tls.crt + path: ca.crt + targetSelector: + es: + es: + mountPath: /usr/share/elasticsearch/config/certs + readOnly: true + +scaleCertificate: + es-cert: + enabled: true + id: {{ .Values.esNetwork.certificateID }} + {{- end -}} +{{- end -}} diff --git a/library/ix-dev/charts/elastic-search/templates/_helper.tpl b/library/ix-dev/charts/elastic-search/templates/_helper.tpl new file mode 100644 index 0000000000..4c356539f1 --- /dev/null +++ b/library/ix-dev/charts/elastic-search/templates/_helper.tpl @@ -0,0 +1,7 @@ +{{- define "es.schema" -}} + {{- $protocol := "http" -}} + {{- if .Values.esNetwork.certificateID -}} + {{- $protocol = "https" -}} + {{- end -}} + {{- $protocol -}} +{{- end -}} diff --git a/library/ix-dev/charts/elastic-search/templates/_portal.tpl b/library/ix-dev/charts/elastic-search/templates/_portal.tpl new file mode 100644 index 0000000000..cc199986de --- /dev/null +++ b/library/ix-dev/charts/elastic-search/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "es.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + path: / + port: {{ .Values.esNetwork.httpPort | quote }} + protocol: {{ include "es.schema" . }} + host: $node_ip +{{- end -}} diff --git a/library/ix-dev/charts/elastic-search/templates/common.yaml b/library/ix-dev/charts/elastic-search/templates/common.yaml new file mode 100644 index 0000000000..2d643edb7d --- /dev/null +++ b/library/ix-dev/charts/elastic-search/templates/common.yaml @@ -0,0 +1,9 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "es.workload" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "es.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/library/ix-dev/charts/elastic-search/upgrade_info.json b/library/ix-dev/charts/elastic-search/upgrade_info.json new file mode 100644 index 0000000000..767388094a --- /dev/null +++ b/library/ix-dev/charts/elastic-search/upgrade_info.json @@ -0,0 +1 @@ +{"filename": "values.yaml", "keys": ["image"]} diff --git a/library/ix-dev/charts/elastic-search/upgrade_strategy b/library/ix-dev/charts/elastic-search/upgrade_strategy new file mode 100755 index 0000000000..13d38b0f3c --- /dev/null +++ b/library/ix-dev/charts/elastic-search/upgrade_strategy @@ -0,0 +1,26 @@ +#!/usr/bin/python3 +import json +import sys + +from catalog_update.upgrade_strategy import semantic_versioning + + +def newer_mapping(image_tags): + key = list(image_tags.keys())[0] + version = semantic_versioning(image_tags[key]) + if not version: + return {} + + return { + 'tags': {key: f'v{version}'}, + 'app_version': f'v{version}', + } + + +if __name__ == '__main__': + try: + versions_json = json.loads(sys.stdin.read()) + except ValueError: + raise ValueError('Invalid json specified') + + print(json.dumps(newer_mapping(versions_json))) diff --git a/library/ix-dev/charts/elastic-search/values.yaml b/library/ix-dev/charts/elastic-search/values.yaml new file mode 100644 index 0000000000..d8884202c1 --- /dev/null +++ b/library/ix-dev/charts/elastic-search/values.yaml @@ -0,0 +1,31 @@ +image: + repository: docker.elastic.co/elasticsearch/elasticsearch + pullPolicy: IfNotPresent + tag: '8.7.0' + +resources: + limits: + cpu: 4000m + memory: 8Gi + +esConfig: + password: "" + heapSize: 512m + nodeName: elastic_search_node + additionalEnvs: [] + +# Not user configurable +esRunAs: + user: 1000 + group: 1000 + +esNetwork: + httpPort: 30000 + hostNetwork: false + certificateID: "" + +esStorage: + data: + type: ixVolume + hostPath: '' + datasetName: data